8b1c938069dc26b6f52f59faa163c247_JaffaCakes118 | Triage

Sharing

General

Target

8b1c938069dc26b6f52f59faa163c247_JaffaCakes118
Size

222KB
MD5

8b1c938069dc26b6f52f59faa163c247
SHA1

0f90bc564e3e7f3f738d9cdc4eaadec2ebd082f1
SHA256

6bce5549b39a31786da727cd96bffe8c55df072ae9b1e3f8f9c5790e96e74dc6
SHA512

abe19694fc035356a7b20f8fa49b83c9e91cff2dd4fb21c6ebf893719809088716b59fd754dba62cfbbcfd93b6250b768c5e2b90548e81496506d5cca0827a05
SSDEEP

6144:pOEk0ZfHvzG6iFpcuD67bQSWNEKVW2oN5WF:pOEk0ZfHa6luOWeKpoyF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/935213108/QuickEMail.exe

Files

8b1c938069dc26b6f52f59faa163c247_JaffaCakes118
.rar
935213108/QuickEMail.dpr
935213108/QuickEMail.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 451KB - Virtual size: 451KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
935213108/QuickEMail.ico
935213108/QuickEMail.res
935213108/deltemp.bat
935213108/uQuickEMail.dcu
935213108/uQuickEMail.dfm
935213108/uQuickEMail.pas
935213108/下载说明.htm
.html .js polyglot