06a1609d4631153e3fa382273471367d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

06a1609d4631153e3fa382273471367d_JaffaCakes118
Size

493KB
MD5

06a1609d4631153e3fa382273471367d
SHA1

4bae8989bbbb126dcd077bbb61adabffaa3a3781
SHA256

1306045deb0c59186906e4116b47f53dc6586655f0caf325b7ba2504057bf15b
SHA512

0a2b5c227af59b4b8417ecaf24c27fa7e7adf2db54c30b1c99e98f00e3d14a9bff089f2b35debbcde043d8e0a7900d1a9a5d1ee1a02ab2760ac51d678fb4456f
SSDEEP

12288:zGxmNjXBK6GYV8+Eo0DFuyqj93F7AzrUvp:z1jYYV8+Eo0DFuyC5F/vp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06a1609d4631153e3fa382273471367d_JaffaCakes118

Files

06a1609d4631153e3fa382273471367d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\buildersystem\7695\workspace_7695\Sources\KuGou\branches\release_7695\bin\kugou.exe.pdb

Sections

.text
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 223KB - Virtual size: 223KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.gda
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE