cfda593406d0bd5a70c2688ab6f247aa_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cfda593406d0bd5a70c2688ab6f247aa_JaffaCakes118
Size

17KB
MD5

cfda593406d0bd5a70c2688ab6f247aa
SHA1

a07e72d2feee3510378574ecbb0d484306d6c52d
SHA256

0465263ead708efbdd7dd0ec3a44683d5a447070f9a72a7666765f4fa2ccd45d
SHA512

a5dc13305909a66bdb34b8741cf6811c799a4c58e71d4a4397288af21a082e41291c62d1b384e293f043cc70aa5c5aa9a6cf84f7a6a7c03162aec302f84e2843
SSDEEP

384:+08DmcQ8dHpNiXZfuAJmru83pF7TZYWPuIEGJOFlN:+08DmcQ8dHpNi1uua71YWPm

Score

1^/10

Malware Config

Signatures

Files

cfda593406d0bd5a70c2688ab6f247aa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Code Sign

11:af:28:14:42:7f:82:ba:46:04:40:ca:66:6c:74:95
Certificate

Issuer

CN=Qizhi Software (beijing) Co. Ltd

Not Before

31/12/2007, 16:00

Not After

31/12/9998, 16:00

Subject

CN=Qizhi Software (beijing) Co. Ltd

e6:fe:ad:bc:28:f0:16:24:66:47:6f:08:47:6d:88:fe:96:73:8b:86
Signer

Actual PE Digest

e6:fe:ad:bc:28:f0:16:24:66:47:6f:08:47:6d:88:fe:96:73:8b:86

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.packed
Size: - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.packed
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE