9369b8bc861693349302f1a5d7a91db9_JaffaCakes118 | Triage

Sharing

General

Target

9369b8bc861693349302f1a5d7a91db9_JaffaCakes118
Size

21KB
MD5

9369b8bc861693349302f1a5d7a91db9
SHA1

a48c89ba89c3636e488c918c66062bc395338b6e
SHA256

cc8235d313d53dc6cf917754f2b8da13ac43251d1a0774548ee3d4a85bf46505
SHA512

b73cc922fbb185e71326322c41669e1aa333ed98ff77854b65e81ba3a3eabeead1c24ab3d7b4822646a06f62ca7e9683d5724d3576248b8efb560da709de9c8d
SSDEEP

384:FoLPkmm59gA7UW5B5T80S9V3chiy8ZVtfqH6VAnLBrJh8mA:ycmE7UWFw0qs0y8ZVtBV6E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ms06040rpc/ms06040rpc(修改版)/ms06040rpc/ms06040rpc.exe

Files

9369b8bc861693349302f1a5d7a91db9_JaffaCakes118
.rar
ms06040rpc/ms06040rpc(修改版)/ms06040rpc/8免费木马免杀脚本检测培训.htm
.html
ms06040rpc/ms06040rpc(修改版)/ms06040rpc/9新世纪网安培训基地.url
ms06040rpc/ms06040rpc(修改版)/ms06040rpc/ms06040rpc.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.nsp0
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp1
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp2
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE