312e22449070da4bc4258f4efa1db47f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

312e22449070da4bc4258f4efa1db47f_JaffaCakes118
Size

1.5MB
MD5

312e22449070da4bc4258f4efa1db47f
SHA1

4d0f272cfebc6957d2d8692eaa0d794b6b7fc442
SHA256

13257e01f60f805c636b8ca7294eca529458df45a004d4201200406ff2b3bc80
SHA512

8009fe7a36ffafa9968e22c5661bbd6eeb10d96de691a814f325df1707103e1e5bcf5087c132e1a16540d286ed5f3cda9b3bf10e1ab542793092d64cdcfedece
SSDEEP

24576:kx2PSsLX7xlKa6ce6Bk7Nx2LCD9N/hm5mhNPtyTx4JaB/hiwj4K1lsIZ:kk6UXve6PCrttyTOi/h/T9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
312e22449070da4bc4258f4efa1db47f_JaffaCakes118

Files

312e22449070da4bc4258f4efa1db47f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

g:\Company\PCProject\ShuRuFa\程序\Trunk\DongFang\2.1.1.0326\Bin\PDB\DongFang\201504020901\Config.pdb

Sections

.text
Size: 844KB - Virtual size: 840KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 228KB - Virtual size: 225KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 24KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 232KB - Virtual size: 230KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xur
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE