97489d719f2211daf7d917b38e269581_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

97489d719f2211daf7d917b38e269581_JaffaCakes118
Size

1.2MB
MD5

97489d719f2211daf7d917b38e269581
SHA1

6eb8734cfe99cf6173cd6c483b969b4b9f4d2d1f
SHA256

13651df48efc2569233cfbb2f24a1880237e24057bcc1f7ade29d0c2c620212a
SHA512

2d3558440312eb17f07b5a5e9752853964063bfeb96a3754f5b25db747965d339da695d11b9eedd25bb7f2dd3b55d0f20432e5144295ace47b68633383571b8f
SSDEEP

24576:/80aUTCH+kqIGWxljijRpzn2cgudqrMvjIoO0R3LYqfPJ32p:8UTCHF38HndqrqSc8xp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/桌面管理精灵/全自动软件管理精灵1.11.exe

Files

97489d719f2211daf7d917b38e269581_JaffaCakes118
.rar
桌面管理精灵/db1.mdb
桌面管理精灵/pp.ini
桌面管理精灵/vista.she
桌面管理精灵/全自动软件管理精灵1.11.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.nsp0
Size: - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp1
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp2
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
桌面管理精灵/新云软件.url
.url
桌面管理精灵/软件管理.edb
桌面管理精灵/软件管理.edt
桌面管理精灵/软件管理2.EDT
桌面管理精灵/软件管理2.edb