e9c753b0119ed315867031bc35bc3391_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e9c753b0119ed315867031bc35bc3391_JaffaCakes118
Size

32KB
MD5

e9c753b0119ed315867031bc35bc3391
SHA1

fa2ccf415fdf08e937df1463a64aa8c1df68924d
SHA256

9079fb5c47e1acd0b91e6c1abd386f8844dca6c05c5b88a0f3b02bec13bdeea2
SHA512

b10813d17e29721768b1e47760930d2d9c2d7155f18f210ab019cee15b69172931727f2cfe34bc27bc99211f074c2d5c7e00d49b0c4da5d6fadd6c517076d390
SSDEEP

768:WCv39IoLEUNtTXfAen+DBuGyl4amedhBil:WUTLx/n+DBuGyl4aVBu

Score

1^/10

Malware Config

Signatures

Files

e9c753b0119ed315867031bc35bc3391_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Code Sign

11:af:28:14:42:7f:82:ba:46:04:40:ca:66:6c:74:95
Certificate

Issuer

CN=Qizhi Software (beijing) Co. Ltd

Not Before

31/12/2007, 16:00

Not After

31/12/9998, 16:00

Subject

CN=Qizhi Software (beijing) Co. Ltd

b1:1d:95:37:f2:25:fa:38:65:cc:8b:0f:2a:14:f7:b9:9a:07:c2:64
Signer

Actual PE Digest

b1:1d:95:37:f2:25:fa:38:65:cc:8b:0f:2a:14:f7:b9:9a:07:c2:64

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.packed
Size: - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.packed
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE