3efed771c64d690aced2b573445bc4c4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3efed771c64d690aced2b573445bc4c4_JaffaCakes118
Size

63KB
MD5

3efed771c64d690aced2b573445bc4c4
SHA1

f3c1d5a8ccea683bee5b57d6cb7dad7f1254aac7
SHA256

877db821e247bc6c6bb807b63d7e7dde5609d718e8566acfe35fc06764959d63
SHA512

fade7d10d311987c9c94562c80f92eaa1d5f2eaf04a79f89c9387ab515bcab4bae6ebd573fe7171569047789419eabbb1c1afc6b9066bad64fdc5108811bfc73
SSDEEP

1536:SgPznISznL/4liIfzOmg7veoI/sQG+sl3BTBlwXBwvPiBbBFPrW4zOg5I8b:SgPznISznL/4liMSmg7N9xRrw2y1P/zB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/卡iPhone在线工具.exe

Files

3efed771c64d690aced2b573445bc4c4_JaffaCakes118
.rar
卡iPhone在线工具.exe
.exe .js windows:4 windows x86 arch:x86 polyglot

ae0a5112fe1176f4e5f6e1bc95e4c209

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

kernel32

FreeLibrary
lstrcatA
GetModuleFileNameA
ExitProcess
LoadLibraryA
GetProcAddress
lstrlenA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

Sections

.text
Size: 1024B - Virtual size: 556B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 404B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 286KB - Virtual size: 286KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ