a6da97134ea3db2e948ebe3153207170_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a6da97134ea3db2e948ebe3153207170_JaffaCakes118
Size

2.2MB
MD5

a6da97134ea3db2e948ebe3153207170
SHA1

701cd8118a88bf02d97dac8ec7d7d3918fa35902
SHA256

4aec85b76d05e972fb4260b66d1b4c6c64fd3bb4230f45d19fdc0793b2d68ac5
SHA512

d0a1f29f8ce5cf6c0637f41a22229eac84c52993a78512f3e6c48f43b0c9f30eaf44ecae8e7811777cd324b931783af10a5644f801be785ef826123a4e453cab
SSDEEP

49152:5KtKwpRrVmipEzIhqiiCuI7e9ofiz8TgpRYcNqKmTrovL+RZj804Ogf:iKwp+ipISZiCu0GoaI6OUq5HojId804B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/残破0.4.exe

Files

a6da97134ea3db2e948ebe3153207170_JaffaCakes118
.rar
155绿色软件站.url
.url
残破0.4.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

VefzMS8h
Size: - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

yKtY2VAl
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rYrG5f25
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

gHQpZ4pj
Size: 686B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

cvsVkwkU
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ