d52f8ab8e4fd4fcc7b2fa443ee3fcad2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d52f8ab8e4fd4fcc7b2fa443ee3fcad2_JaffaCakes118
Size

267KB
MD5

d52f8ab8e4fd4fcc7b2fa443ee3fcad2
SHA1

4e4abd4d10e2cc2145fff12bbc40c143b745876c
SHA256

6ba40ac8e9572710875192cc40787eeb9a10cc7715970728d3564e0aa5cda42d
SHA512

8e2ba0669a102d625efb4558e6cbaf68c9aeef8ee739f8cb2f8c36900b6efb7241d7b1c679d5b90d00725c8d7003b7b3c9ba5e2cf1ee4281c17db697fd7a10cd
SSDEEP

6144:yx1X80t93fdKwnMPspUOXaCMVTc5REd3Z2zAQEIOeAqEF8XDdB:W80t9VHMuUOqdVIeTgEydB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/驱动器隐藏与禁用.exe

Files

d52f8ab8e4fd4fcc7b2fa443ee3fcad2_JaffaCakes118
.rar
绿盟.url
.url
驱动器隐藏与禁用.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

code
Size: - Virtual size: 508KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

code
Size: 254KB - Virtual size: 256KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE