53480cb9329b7218add8cc10c414ffd2_JaffaCakes118 | Triage

Sharing

General

Target

53480cb9329b7218add8cc10c414ffd2_JaffaCakes118
Size

11.2MB
MD5

53480cb9329b7218add8cc10c414ffd2
SHA1

569b33f22a3255c56891ce75d66f75fbc90bd63e
SHA256

b93e023474a740b7a3fc2bafb1b411eebe0945f275a24b3b4748b0ed06106601
SHA512

05ddfe0a1e7b346d7588af815f8ac0e6a32137b66c164852ddb46e84ad2f2ee40ff1819e7773495d40bf0c68d18e890a83c448b9f8f25c05778017588c0fe344
SSDEEP

196608:A2h3Ou8xkJJiy3rH52PMSkzobaQjWMp16BC2N31MZIWHPf+IiXHF:A2he1xkniybAMBzMa0WM6BvlJWv8V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ghOst远控详细免杀/ghOst远控详细免杀/ghOst远控详细免杀.exe

Files

53480cb9329b7218add8cc10c414ffd2_JaffaCakes118
.rar
ghOst远控详细免杀/ghOst远控详细免杀/ghOst远控详细免杀.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 147KB - Virtual size: 304KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 50KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 7KB - Virtual size: 408KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 372KB - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ghOst远控详细免杀/ghOst远控详细免杀/教程说明.txt
ghOst远控详细免杀/作品发布指南 .txt
ghOst远控详细免杀/免责声明.txt
ghOst远控详细免杀/黑吧VIP培训.txt