Static task: static1
Behavioral task: behavioral1
Sample: CF完美窗口化-国庆版.exe
Resource: win7-20240903-en
General
Target: 36fe60ad6dc3235170168ed9e63c33ec_JaffaCakes118
Size: 1.2MB
MD5: 36fe60ad6dc3235170168ed9e63c33ec
SHA1: c58ba87f3340c9971ac3a6c9bd822b320afbf007
SHA256: 8094045d441c4c32ff5587303cc86dae74378f87392f00388340ca208d875d75
SHA512: 96b21403c3b5c5365dfefa2beecb98e5c4a0657351aa358499c5c221996a0a1079c0c76e88b32b8ea94a2fe9020b746fb936614569821d38c03f3730c1798162
SSDEEP: 24576:22fs/JNeAerf4ibFm/XhYHLz/X91yCIArQgLqG2tqjX0982oCscXqH:22E/xerfDFyhYrz/X9ZrLLqwz0r8c6H
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/CF完美窗口化-国庆版.exe
Files
-
36fe60ad6dc3235170168ed9e63c33ec_JaffaCakes118.rar
-
CF完美窗口化-国庆版.exe.exe windows:4 windows x86 arch:x86
baa93d47220682c04d92f7797d9224ce
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcpy
comctl32
InitCommonControls
Sections
Size: 400KB - Virtual size: 960KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 69KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 4KB - Virtual size: 988KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
uqztfnux Size: 848KB - Virtual size: 848KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
hchpkfnj Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE