0e11ed882c472b9efc63a9182f2ca4c5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0e11ed882c472b9efc63a9182f2ca4c5_JaffaCakes118
Size

92KB
MD5

0e11ed882c472b9efc63a9182f2ca4c5
SHA1

93836d95aec008f0e7307fad9384d691312280ac
SHA256

7407a4bf94941dfa3f6eebaac3c1afadde8f4069fd382e9d8beffb4dd163c710
SHA512

fd2a18d9982fd1d8ea65302349ac1c0932a888d3cdf410e26ce8cd7e85014807d45c6bea2cb919326fb07131454b5d99fbb29d2e73da6fd918773bd45201b091
SSDEEP

1536:PPFYeqdril+otOrX4eGIvcC5qIJV19+12ABen1KtNoVtgPyy/8+jWWesdz:HSeIi8iOrIeLv75qQo5BenstN6ny/8+5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/tftpd32带毒.exe

Files

0e11ed882c472b9efc63a9182f2ca4c5_JaffaCakes118
.rar
tftpd32带毒.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

z6rc0
Size: - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

z6rc1
Size: 54KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

z6rc2
Size: 667B - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE