96912e37f42e6fcec4be8af9d5c155c2_JaffaCakes118 | Triage

Sharing

General

Target

96912e37f42e6fcec4be8af9d5c155c2_JaffaCakes118
Size

14.6MB
MD5

96912e37f42e6fcec4be8af9d5c155c2
SHA1

da9e2725ddc10411adbbc5e3871ac95f2bff581b
SHA256

875704cf9e7a31c5e9f99201fa7a2423ef05c9798ef58696af2d91b29ee45f93
SHA512

31626c8099431a517d94c216cd9e83309e4ebade4e1da5c8e802123af8c617ef0730eeef5fa05985db39010277c47ef3b1b6e0fbaf6a59d352e7f9b4b7230636
SSDEEP

393216:kpUxqEMdP40UVS0FnQEd/lK0wZ2bViTzQvNhPc:1eg0US0tQEd/0w9nc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ftcsetup.exe

Files

96912e37f42e6fcec4be8af9d5c155c2_JaffaCakes118
.rar
ftcsetup.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 73KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 152KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
新云软件.url
.url