117bdb6e0280911dd49fa1a4d1c289df_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

117bdb6e0280911dd49fa1a4d1c289df_JaffaCakes118
Size

2.4MB
MD5

117bdb6e0280911dd49fa1a4d1c289df
SHA1

36616bba2e17252de0300f491e38e80eceb64edc
SHA256

1af97c1541fedf2079337e01aca50c2ad6e4875ce2fdf969766985dcaf1c89e7
SHA512

fe49a79830d568bd4c77fe27b6dc37ad609b59b4c164af4fb998f3b70c4f86f32e0ebd48f2b9bf6c56984f5f17daade9bda6647e6037d4087e31dec990495ec4
SSDEEP

49152:e3TTvMBAgTpFRy4ryCmjOmWBZozD6z4w1K6fyHOiJ8qqvlJ:ejTvMCg5ygyCmKxZoCz476f478V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/hypt/hypt.exe

Files

117bdb6e0280911dd49fa1a4d1c289df_JaffaCakes118
.rar
hypt/hypt.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
hypt/飞翔下载.url
.url
hypt/飞翔下载说明.txt