dfb1dd7881c69d59672e7030516dde80_JaffaCakes118 | Triage

Sharing

General

Target

dfb1dd7881c69d59672e7030516dde80_JaffaCakes118
Size

10.3MB
MD5

dfb1dd7881c69d59672e7030516dde80
SHA1

4449ee88879912b68a3166d2eac5c4be8c4d3511
SHA256

0a95340a2e51ffa04336cb4ffa2600d2e84d0c8cd6dc1c84f55ecf5325f5ef0d
SHA512

381915bfa86307fef95c4b66bd68b1140a9e6679cfdcef34ab7590a8f9eff2de7daca6de1bc81312b0e732755ccfa9920fee4bb06d820620a9ffbe112d4ca91a
SSDEEP

196608:wl2F+merXyDj5A/NJF+VoNFtGMryo/lWilBaBPvmheJw2P0rphnVuDh0M:/+7rC/CNJF+CFtnZoiAP+he9sL0d0M

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/HB_SpyEme06-30215_CZ.EXE
unpack001/se-setup.exe

Files

dfb1dd7881c69d59672e7030516dde80_JaffaCakes118
.rar
HB_SpyEme06-30215_CZ.EXE
.exe windows:6 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

LoadLi
Size: 4KB - Virtual size: 1830.1MB

Size: 280KB - Virtual size: 4B

��
Size: - Virtual size:
se-setup.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
spyeme.jpg
.jpg
spyeme.md5
下载说明.htm
.html .js polyglot
安装说明.txt
汉化说明.txt
非常世纪资源网.url
.url