eb9322b7f1f253f00fbbe676772cf8e6_JaffaCakes118 | Triage

Sharing

General

Target

eb9322b7f1f253f00fbbe676772cf8e6_JaffaCakes118
Size

57KB
MD5

eb9322b7f1f253f00fbbe676772cf8e6
SHA1

fa0513e945dc6e4af60bd50181b5f4abe58b0fc2
SHA256

cbf54a29bc8d80df21d8b356921d4358718603a0d18fc3f38e667b046062ab1a
SHA512

9f16343bf15101bff2f39a697f215d08e2d2f7267dab0d965a216120fd65f422a6e723d7c486b173fcf9ff309616ada73da9b7584b239fa745807cc637927db5
SSDEEP

1536:Wch9GKzKNR6WTrxo+EZwPyxNQFspzep1/PEY95ZbiH2EMzL45:th9cjHxBESPyxCFspEPEw5AH27zo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ha_NetResView-v1.16/NetResView.exe

Files

eb9322b7f1f253f00fbbe676772cf8e6_JaffaCakes118
.rar
ha_NetResView-v1.16/NetResView.cfg
ha_NetResView-v1.16/NetResView.exe
.exe windows:4 windows x86 arch:x86

820ab24e53af2dbafc74d24f87e40262

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

comctl32

InitCommonControls

kernel32

LoadLibraryA
GetProcAddress

Sections

Size: 26KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 3KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ha_NetResView-v1.16/新云软件.url
.url