growtopia | af382cfb9632dde6f7de3f2d0a76e103_JaffaCakes118 | Triage

Sharing

General

Target

af382cfb9632dde6f7de3f2d0a76e103_JaffaCakes118
Size

426KB
MD5

af382cfb9632dde6f7de3f2d0a76e103
SHA1

2ace18dcd993145b4367dbb13cc1b5e99c3eeaf0
SHA256

44d150b890d0d9440e430d47f2b5aeb2c6b5148bbe8cfabf83dcb4f89abdef2e
SHA512

4987935c732c974760b0de0d54bdef75ce0a75cf88d698e3014b974828f2d370576aa7dd79ac661f14141fd36b41e844f581a9808ea2f6eabfbc3ab5b7fba0cf
SSDEEP

6144:tYvr7D1PE/3BcL9l5bUsgFxvJqBIeAZtvHLPKKzAI17JY0H+kK1e:tGPD549FRaSkT1e

Score

10^/10

growtopia

Malware Config

Signatures

Growtopia family
growtopia

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
af382cfb9632dde6f7de3f2d0a76e103_JaffaCakes118

Files

af382cfb9632dde6f7de3f2d0a76e103_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 153KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 272KB - Virtual size: 271KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ