02b4ffa608f7e23a578764817923badc_JaffaCakes118 | Triage

Sharing

General

Target

02b4ffa608f7e23a578764817923badc_JaffaCakes118
Size

817KB
MD5

02b4ffa608f7e23a578764817923badc
SHA1

ef3cd5a1c5f7c77ab790417d124b485113e8c46d
SHA256

fa7f2522ffc8fe49aa8549ac4b95b57bca2d8fe1089b17720c17b172dfd24fd4
SHA512

65ee15fd2bc4a238f923bceec787bdfab6ee9f50d115420d3409f82ddf1fc4f96534b51b73891df9b7d428e41de4b52b81750f8e6211355a2a25ac38d2fb581a
SSDEEP

24576:VXGiB4JHohidTUGYlu1y1RLhFplY2IxQ939bVKI:V2ivUdTUGYlMy1Rzp04399

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Oem7f7_6686.com/Oem7F7.exe

Files

02b4ffa608f7e23a578764817923badc_JaffaCakes118
.rar
Oem7f7_6686.com/3837网址导航.url
.url
Oem7f7_6686.com/Oem7F7.exe
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

OEM0
Size: - Virtual size: 1.6MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

OEM1
Size: 804KB - Virtual size: 808KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Oem7f7_6686.com/常见问题.txt
Oem7f7_6686.com/绿茶下载站.url
.url