0ba6b0eed7d55748e46c5be6b310a6c3_JaffaCakes118 | Triage

Sharing

General

Target

0ba6b0eed7d55748e46c5be6b310a6c3_JaffaCakes118
Size

305KB
MD5

0ba6b0eed7d55748e46c5be6b310a6c3
SHA1

676c9de9a4bcc70f0410dc8cb1be9764df1b9cb3
SHA256

9b9d9d656c951a946de6c41041bc7cbabc01826a27dbe21bac82372448d97e53
SHA512

7a171f8a9620e6d2ca275b21a13a8d40df25a8daad48cb00bd413a281bb7e725aaece34e1a92bafdecb8fbb69fbd28b88f127cd699baaad48683a157a1314855
SSDEEP

6144:Y2iXWNqlzgXOTGDjzLA7uqFmFtxl00gKc5iEfWL2B0UYd6fGdq:zbIlzgXOTGfzU7uqwFLOCLXTQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/guangwaiyouling/gwyl.exe

Files

0ba6b0eed7d55748e46c5be6b310a6c3_JaffaCakes118
.rar
guangwaiyouling/gwyl.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: - Virtual size: 992KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 308KB - Virtual size: 313KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
guangwaiyouling/河源下载站-cngr.cn.url
.url
guangwaiyouling/淘宝热卖.url
.url