ae720f49d9f4ce940fd2a0e18a05a8d6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ae720f49d9f4ce940fd2a0e18a05a8d6_JaffaCakes118
Size

3.9MB
MD5

ae720f49d9f4ce940fd2a0e18a05a8d6
SHA1

3649ad62b94cb8013c88747017b6cf1c2be3b53a
SHA256

e712ef048cc138498ffa065e28655e16707bb4743cb6687df9eb7a5e5096d2ac
SHA512

17b8a8c125f181f6df89dfcaf40a7640c2258cf291c60de6bdb6d91540c80bfcf80c88c81d4e4c26b745140604cda95feb2becbec902ebaac401d32a86bfc30a
SSDEEP

98304:Q04wVco0z4hZnznG/YTuVeoURTOHr1NrNpCDQMKmaYA53RMK6sbp2:Q0FNrj5TuoxTOL1NrN8QMPXgBMT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/SDbox.exe

Files

ae720f49d9f4ce940fd2a0e18a05a8d6_JaffaCakes118
.rar
SDbox.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
下载说明.htm
.html .js polyglot