20d755c31ad86812355a0c8ea0bc5e85_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

20d755c31ad86812355a0c8ea0bc5e85_JaffaCakes118
Size

561KB
MD5

20d755c31ad86812355a0c8ea0bc5e85
SHA1

e26cc1106686f805144b063feed5a94c63aa662d
SHA256

140a31527ca31635fcb416156145a9fae6c971c9c1fc63bdedb530dfd11d4d20
SHA512

d4dcc275f92aa415f191e1b2df9514153bc42839cbf90801f200013364d5d168e23b4eabf0f3a893f7b311fff3711ecc7fedb7859b375d923c21f55eb5d20432
SSDEEP

6144:zLfOOftMC9WWnxfSHXWvzDvgV3RbeGzQgjyCMwV33DpzzCN2Rl0:zRtMCjfCXWLLgVlpzQgjnMwVNS2Rl0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
20d755c31ad86812355a0c8ea0bc5e85_JaffaCakes118

Files

20d755c31ad86812355a0c8ea0bc5e85_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\clientci\workspace\plugin_BrowserProtect_compile\olplugin_proj\BrowserProtect\BDABrowserProtectUnInstall.pdb

Sections

.text
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 340KB - Virtual size: 337KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.khe
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE