a03b52f41dcc5e018c85fa717832a018_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a03b52f41dcc5e018c85fa717832a018_JaffaCakes118
Size

257KB
MD5

a03b52f41dcc5e018c85fa717832a018
SHA1

aceda017ef55e11a072690fd70c8dd773ea48998
SHA256

fe42971a756965fe31462fbd7147bee9ffc060a078d5c1c618e4eacdc54feab3
SHA512

1cfc29ae8dabcb53c9ef3277fac50001ba8b83feaface17da6a70267971a2a52c9a2661bcc010b97b69aa418dd4fd7174d1a12b468347157bbe18dd788697ffb
SSDEEP

6144:/KjL/HfO7c2en9hVRWD/LMhGCo6N8OCOOQ+xaLNHD3Ia3aqt:/suc2e9hVUIhGaYOXNHLZas

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/双龙文件加密大师.exe

Files

a03b52f41dcc5e018c85fa717832a018_JaffaCakes118
.rar
155绿色软件站.url
.url
双龙文件加密大师.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

H:\编程文档\VB.net\加密大师\V1.0\加密主程序V1.0\JiaM\JiaM\obj\Debug\双龙文件加密大师.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 869KB - Virtual size: 868KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 162B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ