efbb973bc922aa10d4b267bf0ce47f55_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

efbb973bc922aa10d4b267bf0ce47f55_JaffaCakes118
Size

4.6MB
MD5

efbb973bc922aa10d4b267bf0ce47f55
SHA1

8885799cfc723f6b8133dd85c323e5cc60675d05
SHA256

b26da9df215820187c3a12bc9e3a7f559b17b225867d2d9fd7d04c54945ecf15
SHA512

a98560cc3bee7f1ef46cfd1283ff451c19d48992dedc492a811cb28d5353c307e713d072ca389b9290cbeb9986c997fdcc9d13d82387c7db01e4ab83bac50ac5
SSDEEP

98304:99WJ4i0njZC0qpiAX/2o7Tj07DC6bPMBBte15sP2ofpIGggC9YAuCIpd:9AJwl7/sK/kHtdRIQAudf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/HA-AplusD2PPC_v828-FzH/Setup.ExE

Files

efbb973bc922aa10d4b267bf0ce47f55_JaffaCakes118
.rar
HA-AplusD2PPC_v828-FzH/AplusPPC.jpg
.jpg
HA-AplusD2PPC_v828-FzH/Setup.ExE
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.S2C
Size: - Virtual size: 192KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.FzH
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
HA-AplusD2PPC_v828-FzH/新云软件.url
.url
HA-AplusD2PPC_v828-FzH/汉化反馈.url
HA-AplusD2PPC_v828-FzH/汉化说明.txt