07d174cf3dbed9f0c1a0217397f8c00f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

07d174cf3dbed9f0c1a0217397f8c00f_JaffaCakes118
Size

11.1MB
MD5

07d174cf3dbed9f0c1a0217397f8c00f
SHA1

a3484cb8c253bb2a73b45e2d0f3a456e01af4f8f
SHA256

d78cde3786ef016c99ebd774e5f3703eb68dda7c43f4a17a8b6b25b7ec443125
SHA512

0e79838961c9f1a37f4d96ea0142889e1e97647658ad307b2c911f9ea338c6e4a1eba9084e3074d8b43be5fd95fdb89cd2ad29501dc27ee728c37c2d74b74ded
SSDEEP

196608:oisCJriEJP/Bd8wpbF3jaPNlqkUBY6FSLuEzB:oisCJJZ/npbF3jENlqkUBYBP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07d174cf3dbed9f0c1a0217397f8c00f_JaffaCakes118

Files

07d174cf3dbed9f0c1a0217397f8c00f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\vss-od\Silkroad\Client\Out\SRO_Client.pdb

Exports

Exports

fcEXP

Sections

.text
Size: 9.5MB - Virtual size: 9.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 232KB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 204KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.newimp
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE