0319c8be301654e5e1eadad2cef44953_JaffaCakes118 | Triage

Sharing

General

Target

0319c8be301654e5e1eadad2cef44953_JaffaCakes118
Size

644KB
MD5

0319c8be301654e5e1eadad2cef44953
SHA1

09c38c443ddeb85f113acd16124a8b856905858e
SHA256

954b5e359e68dbe61341363e93d3b369035aa907c393f07a79ec80a96ab814a1
SHA512

a0ba77de25e265061d5c0e90d62512d0fdb337d909610dd83eb569d9f2a36b03a4b9ddc747b01f14ba733073ae1c2a8f80f69b0020c955f89242d0c7ccd7bd2b
SSDEEP

12288:C/ap59apgYKcEapMGHOox5ZteHb94xGLC9uSQvS8jc:C/w5S9nFMGHJZrDQvxY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/真心金牌绿化.exe

Files

0319c8be301654e5e1eadad2cef44953_JaffaCakes118
.rar
安装必读文件.url
最牛的单机游戏下载网站.url
真心金牌绿化.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.nsp0
Size: - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp1
Size: 647KB - Virtual size: 648KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp2
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
软件使用说明.txt