8342c0b9a48e0f0c8c30f5080f05c972_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8342c0b9a48e0f0c8c30f5080f05c972_JaffaCakes118
Size

4.7MB
MD5

8342c0b9a48e0f0c8c30f5080f05c972
SHA1

b2da5ccd54431e4b627557ed0378598c600a1db8
SHA256

9c50632c4e27d5866ecfccb17405006048a40ff77f07acc0b1f989d3fd407b64
SHA512

d3c6c2a785cc0fba618f0416ac3c77b3ceb072c2193744247a6b897d1750015751ed601e5dac92bed2dcf74ffa85c840942085b69a4fc77589ac3381e55b2c3f
SSDEEP

98304:a4hyOAkzPZCl5IyIUMckUAvIRVt4nmY9GwrGtagXZaMM7tCnsOn+uE:a4sOAkzhCl5I0bkUAgRVtQTrGbpTMhCm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ha_VeryDOC-pdf2word-v2.5/ha_VeryDOC-pdf2word25_cz.exe

Files

8342c0b9a48e0f0c8c30f5080f05c972_JaffaCakes118
.rar
ha_VeryDOC-pdf2word-v2.5/ha_VeryDOC-pdf2word25_cz.exe
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

S2C!
Size: - Virtual size: 640KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Fox!
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.2008
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ha_VeryDOC-pdf2word-v2.5/新云软件.url
.url
ha_VeryDOC-pdf2word-v2.5/汉化说明.txt