0a889b458cad1a375925d00e322c3224_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0a889b458cad1a375925d00e322c3224_JaffaCakes118
Size

738KB
MD5

0a889b458cad1a375925d00e322c3224
SHA1

c281671d90e70d9e3acbcb586de02ac9c4bd5911
SHA256

b9476c090693efbf670f0468fbe446ba39c1c3381fb68d463def4244b2d511dc
SHA512

4fac92c007d14c9ae02b73f3c14e07819c6978efe9de49025e23dbd1fbe3d12b8cc873901d17bd51d0aae6d68b48087c3a296e8c18bc7ddf3e54f096b856e0c9
SSDEEP

12288:PmgZf7b8Aj8P2051jw2EF7jM/gIg645XrhfCu0hLkjQqCyLaPhXpnOFJESIb:P998AjngpEdA/gVB/g82Pb+0b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/QQDDP.exe

Files

0a889b458cad1a375925d00e322c3224_JaffaCakes118
.zip
QQDDP.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 465KB - Virtual size: 560KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 266KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
˵_Readme.html
.html