14cf61abd678d080bcafbee9a27bfdbc_JaffaCakes118 | Triage

Sharing

General

Target

14cf61abd678d080bcafbee9a27bfdbc_JaffaCakes118
Size

349KB
MD5

14cf61abd678d080bcafbee9a27bfdbc
SHA1

e4bca3d5d92fd6f7e4e0fa93d4e59d20ab341c41
SHA256

4e6a8870ee55b5481cfd27eac710a2a71f906f766c292f4034938e1f64db76ef
SHA512

30b727fdbc36ed49f61300fbcf16dcbf45c4bf62bd7e37c882e8050eb6658fe3688ec9904809508078d0134caaf2276748ea2dcd31a064ee4c5f6b31f18d72b4
SSDEEP

6144:d7q/HAmnbdQoFL9DzE7UamtZM7itaN5Lwn5uJ/I:dEnqo73E7IdcNhwsw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14cf61abd678d080bcafbee9a27bfdbc_JaffaCakes118

Files

14cf61abd678d080bcafbee9a27bfdbc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Documents and Settings\Administrator\桌面\20170706源码集合\20170709小七vip压力测试专业版1.1源码\NewTest\Release\fack.pdb

Sections

.text
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 900B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hgtrr
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rol
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE