3125ed9583fd6e147ed0711cefbbfc52_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3125ed9583fd6e147ed0711cefbbfc52_JaffaCakes118
Size

1.1MB
MD5

3125ed9583fd6e147ed0711cefbbfc52
SHA1

1529059f8bdbe65715469f9ba6b6727ed0a58bc5
SHA256

06c322f8fa0b869869431838f1fd96686d7c85bb52efa45fa1f0d3d1524c1af6
SHA512

575d395619c592f65466c712e3757cb1d3dec72e10270fa645d0bc913fb0dc43b6d679244e42abd4737ebdfb529659a35f7bfb0d11d47a17bad13298efbb069b
SSDEEP

24576:91Wu9TqPFHxD3nHq97ao0TuFElScYCgh4LbZPhMrX:9QgToPK97ao0TuIS2gh4lmX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3125ed9583fd6e147ed0711cefbbfc52_JaffaCakes118

Files

3125ed9583fd6e147ed0711cefbbfc52_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\fancy-3d\Output\Fancy3DSetup.pdb

Sections

.text
Size: 123KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wtq
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE