0398ef18290c73adaffa58b1c73a0759_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0398ef18290c73adaffa58b1c73a0759_JaffaCakes118
Size

28KB
MD5

0398ef18290c73adaffa58b1c73a0759
SHA1

2b4c548d0420d399480a113395e34d8eb4cdee31
SHA256

d732b679830eef91b8ea40f33959da8549e21c2e7166a38edefccf490a447da2
SHA512

79cfe0056b4c108112512cd0d05274cd848a9c771f235c30b5b4407161b9fcdd64706b415b4bbebf52c570b32600261ad929c386bdfbc0f974714e484cc543a6
SSDEEP

768:k54PMwlodv6ouG27UD6GYqVhcIsg7aJ78:k5YTMSK27S69qVnsg7aJ78

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/as-trn+4.exe

Files

0398ef18290c73adaffa58b1c73a0759_JaffaCakes118
.rar
READ_ME.txt
as-trn+4.exe
.exe windows:1 windows x86 arch:x86

79b3362178937bf9559741c46bb9e035

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetProcAddress

Sections

.main
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 118B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.res
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
www.downza.cn.txt
使用帮助.url
使用说明.txt
访问下载之家.url