0474f99725bc01db40551a46b5d00700_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0474f99725bc01db40551a46b5d00700_JaffaCakes118
Size

232KB
MD5

0474f99725bc01db40551a46b5d00700
SHA1

6bf691c32acd5b11f0cb91d252b901597f42dff9
SHA256

460ea08a797bb8da0a9d8f345fe3d5667c8b394217ada8e018d19cc351d0eee7
SHA512

0384a43084f1ba99e14a73c3454c1843a067c7f81bd4f02051e50cbdfb6681e5eacdfdad485885d81debaeec10244ed9f444d0306a781f75e3d090c9bbdfd56d
SSDEEP

6144:xmBho4d+XKsXBgquCytIeXYI6kWUShkQaEjB8aI0Rr8qu9:QMrRgCyY1PRNjjB8a9u9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/WormNimayaxt110/熊猫烧香专杀工具.exe

Files

0474f99725bc01db40551a46b5d00700_JaffaCakes118
.rar
WormNimayaxt110/必看说明.htm
WormNimayaxt110/河源下载站说明.txt
WormNimayaxt110/河源下载站.url
.url
WormNimayaxt110/熊猫烧香专杀工具.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 433KB - Virtual size: 433KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
WormNimayaxt110/移动官方免费发短信软件.URL
.url
WormNimayaxt110/金山毒霸2007 无限升级版.url
.url