d0563d902afa5e0a2c7740edbd7f2918_JaffaCakes118

General

Target

d0563d902afa5e0a2c7740edbd7f2918_JaffaCakes118
Size

178KB
MD5

d0563d902afa5e0a2c7740edbd7f2918
SHA1

5e2dbbb5c299de029d99100da351526cbb436327
SHA256

4e3997e7eeb20c295d81a754744405ec169dcbfeba8e0adf7629976047f1c472
SHA512

6c15fb8cbf4f6f5bfe005a574e75166cce34d556aa748623575673cf69d20b003fb4e492f879a516f063bee597a97e73c6a1cd9723f1323bbb4672ebbaea024b
SSDEEP

3072:/PVsxlFyJwPimNBqWACQE1zJMLVF3EXzKOe18NeDyPHBdUqV8HbBF+wbSBfuYf+X:/PVW0JwP5BqRWSV1EXzg1up/UOEbO9BS

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/portscan/VIP网络端口扫描.exe
unpack001/portscan/lib.com

Files

d0563d902afa5e0a2c7740edbd7f2918_JaffaCakes118
.rar
portscan/VIP网络端口扫描.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 12B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
portscan/lib.com
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 12B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
portscan/使用说明.txt

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

CODE Size: 117KB - Virtual size: 117KB

DATA Size: 2KB - Virtual size: 2KB

BSS Size: - Virtual size: 2KB

.idata Size: 3KB - Virtual size: 2KB

.tls Size: - Virtual size: 12B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 9KB - Virtual size: 8KB

.rsrc Size: 61KB - Virtual size: 60KB

Headers

File Characteristics

Sections

CODE Size: 117KB - Virtual size: 117KB

DATA Size: 2KB - Virtual size: 2KB

BSS Size: - Virtual size: 2KB

.idata Size: 3KB - Virtual size: 2KB

.tls Size: - Virtual size: 12B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 9KB - Virtual size: 8KB

.rsrc Size: 50KB - Virtual size: 50KB

CODE
Size: 117KB - Virtual size: 117KB

DATA
Size: 2KB - Virtual size: 2KB

BSS
Size: - Virtual size: 2KB

.idata
Size: 3KB - Virtual size: 2KB

.tls
Size: - Virtual size: 12B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 9KB - Virtual size: 8KB

.rsrc
Size: 61KB - Virtual size: 60KB

CODE
Size: 117KB - Virtual size: 117KB

DATA
Size: 2KB - Virtual size: 2KB

BSS
Size: - Virtual size: 2KB

.idata
Size: 3KB - Virtual size: 2KB

.tls
Size: - Virtual size: 12B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 9KB - Virtual size: 8KB

.rsrc
Size: 50KB - Virtual size: 50KB