13fa751419745a7e5c933b801e2befd8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

13fa751419745a7e5c933b801e2befd8_JaffaCakes118
Size

139KB
MD5

13fa751419745a7e5c933b801e2befd8
SHA1

80164ba972bd395fd12b4dcc1c2ea867d47cb807
SHA256

9c308bb123815a7cd11eb0532a67e264fd8a86ae7c8a912910efb41812f697fe
SHA512

d25ed2cb7b519072027f58db070c4805dcd4d3436ffee108dbcc67a841162c67681053a59f10286135eff0525c4eb5a1ce7a92505ec90a69b3fd87b664ac2fd3
SSDEEP

3072:7ETOXRjfl05t4WFoQ6eaEXliUGQ4vSqivxEVUn:jVf8oQBakliUGQ4vty

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
13fa751419745a7e5c933b801e2befd8_JaffaCakes118

Files

13fa751419745a7e5c933b801e2befd8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Flyff-VS2017\Source\Updater\obj\Debug\Updater.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ