b17dfe9d10f0ae312eb6dc97ae934bc3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b17dfe9d10f0ae312eb6dc97ae934bc3_JaffaCakes118
Size

1.3MB
MD5

b17dfe9d10f0ae312eb6dc97ae934bc3
SHA1

2a653df143fe5eb552494f7d16a8a5930670684e
SHA256

bfbb4b2d36053e9d0c9f4f5e23d4025d0eb333ba0325a50dc5105325adfea9d8
SHA512

708b481760ee031dc82cedf74dc9db1d49f11db2ebe523c0f11f575d50279fd968296a6c74bb23dc408bec24de32681f3d56f49296429d4afccad9cfcd78a0cc
SSDEEP

24576:HFWw1teVd6d0TKSWDlfxwEP8A6Sw3a880boGzEyAf3S0xNydOV3JjU5weSn3:HFWw4dSzzcUclq8VMBZxwwV9UK/n3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/迷你豆精灵.exe

Files

b17dfe9d10f0ae312eb6dc97ae934bc3_JaffaCakes118
.rar
data.dat
getsystem.dll
新云软件.url
.url
软件使用说明(使用前请务必细看).txt
迷你豆精灵.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 4KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.add
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

VM
Size: 1.4MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE