b1fe31e4484f28a1d3cc9e32b491b7a2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b1fe31e4484f28a1d3cc9e32b491b7a2_JaffaCakes118
Size

3.8MB
MD5

b1fe31e4484f28a1d3cc9e32b491b7a2
SHA1

969528e650ac2bcbb8d1bdc52edff1eeb2c4b008
SHA256

6b67d3d44ae10c87e4d82e6a5f1e01247095fef8d57ab916a511851db1c9dc2f
SHA512

b038540ef96bb407587e55587d432b7b9cf60f234ecaf3abdc7ce42b77553915bc9658abd9cd7d3c5789be4e461cf482374f420aed02799c85fa2ebf5166e637
SSDEEP

98304:3ELS6QB2LGNGqdPgXSmmOdzl5sLdlTGLlEq6ZP9fwkdJPkYDO6:0+69r3XSmmOVluLTK56Z1fwkdJs2J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/HomeMoneyManager.exe

Files

b1fe31e4484f28a1d3cc9e32b491b7a2_JaffaCakes118
.rar
HomeMoneyManager.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Readme-说明.htm
.html
新云软件.url
.url