d10aa74f0aab6aaf716f6ea26ca3ea3b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d10aa74f0aab6aaf716f6ea26ca3ea3b_JaffaCakes118
Size

1.5MB
MD5

d10aa74f0aab6aaf716f6ea26ca3ea3b
SHA1

9e1e2d683afa7a394455d9b3ea74051429f62ed6
SHA256

e641c76cb93f07962e9bfa0bf2f4559b07945c8ce60c19043f64601acb2ee8ee
SHA512

fd6f48d7a02635f97103ddd6b15ea343120de5f0375286d737aedbb03fe0a3f6e4ca6c60f638d94ce5d20b4525426135dfeae664ac6c493e3dae5cc5d6304570
SSDEEP

24576:Y9fizImESXSBCQH1Hs+fGjLkkEGa0tC1kBlnoEl3SZ4Pc4NRgTrVgeoWYC3ipM/z:MiESiBCQHRs+ILYyEkBGw24Rg8CSpM/z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/HA_ExtractNow4.21_LRH.exe

Files

d10aa74f0aab6aaf716f6ea26ca3ea3b_JaffaCakes118
.rar
ExtractNow.JPG
.jpg
HA_ExtractNow4.21_LRH.exe
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

heat.ray
Size: - Virtual size: 200KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

heat.ray
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Soft2CN
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
下载说明.htm
.html .js polyglot
汉化说明.txt
非常世纪资源网.url
.url