2be7226b836c7b59ca50022d36a42b93_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2be7226b836c7b59ca50022d36a42b93_JaffaCakes118
Size

798KB
MD5

2be7226b836c7b59ca50022d36a42b93
SHA1

44d8e69db4ab4c3a160ed978a51c48cc25bf045f
SHA256

05d654e61580faa53983bf688ec78d0f742b825b391ea2f0004d185252236a0f
SHA512

70276c1a8545eed19ac01126aba2dbf847ba23dae2752020447c71f3f46d9d5cd5a2490a4b8c94b6d47aa46d8f7c02c25e8bf37cc933b3c8f2e3543e465b123e
SSDEEP

12288:FvDKqjVyUhOXnGFGQcQ4b6fG810bgYqJ7n/phevOQxv0nOxvWu+2zLbAPuarc1:R2ybqG06fG8uW/phe2kvGOxvWYvH0c1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2be7226b836c7b59ca50022d36a42b93_JaffaCakes118

Files

2be7226b836c7b59ca50022d36a42b93_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\vmagent_new\bin\joblist\32250\out\Release\360CleanHelper.pdb

Sections

.text
Size: 477KB - Virtual size: 477KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 20KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.spm
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE