ac3eff86ef114500dc9fa2ac67704b1c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ac3eff86ef114500dc9fa2ac67704b1c_JaffaCakes118
Size

2.2MB
MD5

ac3eff86ef114500dc9fa2ac67704b1c
SHA1

71769c68e735c6bdb498bd3346b0cce391fba02f
SHA256

5a2335de8c4cbca0ce2adc5245c8a9066e21127acc6da07e29fc2b76100ef44b
SHA512

7d7efdb8851869373d5325f458884d5ff96c603e07486036b142d5dd31f88280af59b9abcea7dc25901e3038941857e66e39cc8e9405559f4439e443c2bfe132
SSDEEP

49152:TOPBhfQgHCaFwOiMhBXWWLFOFE00UnuIVA8c+/cOjM7HHz0YvH+yXtvECvX:qfJmOHXWWLYnuIVA8c+/c34YkCvX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/HA_VisualBoyAdvance1.80beta3_LRH/HA_VisualBoyAdvance1.80beta3_LRH.exe

Files

ac3eff86ef114500dc9fa2ac67704b1c_JaffaCakes118
.rar
HA_VisualBoyAdvance1.80beta3_LRH/HA_VisualBoyAdvance1.80beta3_LRH.exe
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.Ray
Size: - Virtual size: 624KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Ray
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Ray
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
HA_VisualBoyAdvance1.80beta3_LRH/VisualBoyAdvance.JPG
.jpg
HA_VisualBoyAdvance1.80beta3_LRH/新云软件.url
.url
HA_VisualBoyAdvance1.80beta3_LRH/汉化说明.txt