ad2fef44e0ff4d544e2fac62f18a72d2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ad2fef44e0ff4d544e2fac62f18a72d2_JaffaCakes118
Size

9.4MB
MD5

ad2fef44e0ff4d544e2fac62f18a72d2
SHA1

57b2acb9d0293acf97a856857aae022d7e77e389
SHA256

6aaa66aca9dbb3349fb0610fa0b935b1c4ba005b68a1bbed84f8bf12687cd11a
SHA512

e4a4bafe116e46b9b3398d8a5a08a71c1623f88b3c82b72ce7eefa9b3e13289da37d3597aaaad05565737d73901495a94539ed328a1137d278ea2c2ff892cea4
SSDEEP

196608:z1VGtSQbjJ3l8L1W8MGZB1X+N6OrNH2/qM0W65EkDdpObstCb:ReJH8L1W8tZB1X+N6OZGqM0WpkdpObTb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/创世免费VPN代理2.4/CsVpn.exe

Files

ad2fef44e0ff4d544e2fac62f18a72d2_JaffaCakes118
.rar
创世免费VPN代理2.4/CsVpn.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Czmjt2o6
Size: - Virtual size: 10.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

dGPP2cgh
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

lls6aGIn
Size: 10.7MB - Virtual size: 10.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

48MJoSLF
Size: 173B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

7X9uuQus
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
创世免费VPN代理2.4/使用前必读.txt