15446a39801b6803849fef25c20cc837_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

15446a39801b6803849fef25c20cc837_JaffaCakes118
Size

1.6MB
MD5

15446a39801b6803849fef25c20cc837
SHA1

281e9bf8a05c5969ea99a90dd9066a9121cd084b
SHA256

68ac5010c7ec92ee4789ba1d1a4fd81f1d36cd06fb286022ef80066b1b899ab0
SHA512

13634bd86921f4a00d0b4663e9ee0b1acb96586a063a9189dc0f295ae3c028209caaea2eae5d2ca37dd12dd6faa789285b8aa1f287a27d2c43bb40b6886212b0
SSDEEP

24576:QyVJVOIpUkMPHuZ7JiAALQC+dUs2wELDURwMjUviaQKDXCpoJHIFd8zZoJBObGL:RVOMUjPM7JiAAs1eqHRw9zDcoO78zL6L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/阿拉QQ密码潜伏者 6.2/阿拉QQ密码潜伏者6.3.exe

Files

15446a39801b6803849fef25c20cc837_JaffaCakes118
.rar
阿拉QQ密码潜伏者 6.2/ASP文件/QQWry.Dat
阿拉QQ密码潜伏者 6.2/ASP文件/QQ木马ASP说明.txt
阿拉QQ密码潜伏者 6.2/ASP文件/ip.asp
.vbs
阿拉QQ密码潜伏者 6.2/ASP文件/mail.asp
.vbs
阿拉QQ密码潜伏者 6.2/授课专用壁纸.jpg
.jpg
阿拉QQ密码潜伏者 6.2/使用说明.txt
阿拉QQ密码潜伏者 6.2/内部专用桌面.jpg
.jpg
阿拉QQ密码潜伏者 6.2/密码说明.txt
阿拉QQ密码潜伏者 6.2/必读文件.htm
.html
阿拉QQ密码潜伏者 6.2/戴威尔网络安全培训软件下载.url
阿拉QQ密码潜伏者 6.2/阿拉QQ密码潜伏者6.3.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.textbss
Size: - Virtual size: 992KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 857KB - Virtual size: 860KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 539B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ