0242ee0942ca8af65503c5cf47715996_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0242ee0942ca8af65503c5cf47715996_JaffaCakes118
Size

433KB
MD5

0242ee0942ca8af65503c5cf47715996
SHA1

4621fabb7bc799d821600ce8f92902778762d36a
SHA256

16e1a18e0edf9576b60edf96359302cb1a6df3225a844d453a14547e961fbe2b
SHA512

913ec66a90031214d65a30261829d73ffb92ef4158bf761e7074892a1c6be348168ad974fc4c60a99bf6b1164ec806c68c2f2022b6a4e3cd8cc959b5e10e5b7e
SSDEEP

6144:e1t163GwMVbF5P7ZcUGd0otYvcMEwt0YJXUXYu4Trsr/W7Ut2:gsV877ZcNSot8cXG0Y6YQ/js

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0242ee0942ca8af65503c5cf47715996_JaffaCakes118

Files

0242ee0942ca8af65503c5cf47715996_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\jenkins\workspace\clinic_trunk_compile_browserplugin\basic\Output\BinRelease\BDWebAdapterSvc.pdb

Sections

.text
Size: 172KB - Virtual size: 170KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.pmj
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE