bea1fce1d7b844abe5cfa66b7768b7f2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bea1fce1d7b844abe5cfa66b7768b7f2_JaffaCakes118
Size

103KB
MD5

bea1fce1d7b844abe5cfa66b7768b7f2
SHA1

c070639463a4c98eb494b6df7d1d96b2fe41d1d3
SHA256

9893b5f56c8744d17a5bf0ffb4b9ec25d0b9fbccc0d2c76b08a0b3e5f9cdb08e
SHA512

d9a5b7fc00ebe0b0272e030d0f21d31503d6c106fe95f06d0552a754ee2360c09e7ac840b4995a9a5ad95ba4eb71c8717d718eb3ac9f4815ba6066ac07b1d37a
SSDEEP

3072:vrtXJpfmOfR3p6r8ZoQ42GiFV6us1ngojDUE:JJYa36r8CQc86ufE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/yhjs.exe

Files

bea1fce1d7b844abe5cfa66b7768b7f2_JaffaCakes118
.rar
yhjs.exe
.exe windows:4 windows x86 arch:x86

87bed5a7cba00c7e1f4015f1bdae2183

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress

Sections

.text
Size: 75KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.opgrwh
Size: 8KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vgnktk
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
新云软件.url
.url