a3515c2a6c8c90c68c846b8e9602d626_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a3515c2a6c8c90c68c846b8e9602d626_JaffaCakes118
Size

142KB
MD5

a3515c2a6c8c90c68c846b8e9602d626
SHA1

420ba8688ddbf0cc92eb526b2ade495740db6ea0
SHA256

03c2996807a6b7ebf82eca50de5ea3c95fb959466aa59eee9e08a267b6a84db1
SHA512

f1c6d519798c0669696c6ead00d0de0b9bc05cf4d9316eadfc836afe02c883da3153a553286b422f12cff5622e07d0424dcb5dea0a46510e8cadd02b839853ec
SSDEEP

3072:a0s9NCg2DXpYlK0fZn/O8UG2Jr2C93IfdOWYUzraj4nN2Ffd4:aHfCFSlxZn/Onr2C6dO8zWj4NWW

Score

1^/10

Malware Config

Signatures

Files

a3515c2a6c8c90c68c846b8e9602d626_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Code Sign

11:af:28:14:42:7f:82:ba:46:04:40:ca:66:6c:74:95
Certificate

Issuer

CN=Qizhi Software (beijing) Co. Ltd

Not Before

31/12/2007, 16:00

Not After

31/12/9998, 16:00

Subject

CN=Qizhi Software (beijing) Co. Ltd

4a:90:59:29:96:76:8b:32:11:5d:f1:4b:66:3e:8d:8f:cc:ac:0e:ef
Signer

Actual PE Digest

4a:90:59:29:96:76:8b:32:11:5d:f1:4b:66:3e:8d:8f:cc:ac:0e:ef

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.packed
Size: - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.packed
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE