0b39940198120cf4f1864be0625055b7_JaffaCakes118 | Triage

Sharing

General

Target

0b39940198120cf4f1864be0625055b7_JaffaCakes118
Size

352KB
MD5

0b39940198120cf4f1864be0625055b7
SHA1

e84132f599c0c4c341a81be914a2201b6690d790
SHA256

14e18cd239bc49b49299b671bd2e36a13f84b7a3c3081632b83a45185667f7cb
SHA512

e5c86afa4724e22f17a900c0760910bf359924153884e41adf05ace2fa787b0432c792e6288907977465e95b695254f7dda4dc6bcf135a33ec7288e87d749bf9
SSDEEP

6144:4/LZTl+P4TEt5ayIgZROcS1B1z6n1XKiQx79LkyMID3B0M46xDhWG:iLZTEltBv+Da6iI94BID3Bv46xDhWG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b39940198120cf4f1864be0625055b7_JaffaCakes118

Files

0b39940198120cf4f1864be0625055b7_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\jenkins\workspace\Bdbrowser_branch_2015.03.06_v7.4_104_safecenter\Basic\Output\BinRelease\bdupdate.pdb

Exports

Exports

??0_Mutex@std@@QAE@W4_Uninitialized@1@@Z
??4_Init_locks@std@@QAEAAV01@ABV01@@Z

Sections

.text
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.oli
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE