3305f29c1285ba3d9234217b8182e4a5_JaffaCakes118 | Triage

Sharing

General

Target

3305f29c1285ba3d9234217b8182e4a5_JaffaCakes118
Size

313KB
MD5

3305f29c1285ba3d9234217b8182e4a5
SHA1

c2589fe66277b940aada8ea28e2bc0c2310ecc5b
SHA256

1469635dfb05887415bc5a9cfaae233c911219164d68403d800230a279c3b4b6
SHA512

dc13b7d93f80ca5460cb650e249b98a3c2f05c958e827985515b8d1fca48300aa8c1c94f4bb3ba4b4cec2590073873504ff71d348a4e50f80486ba9afdcc3c69
SSDEEP

6144:niiEZ7Zl1ndXuQQkRvOQzs7++PrwxWoUGNWEQLqRRVM7g+Ab8pBFxYJITvopz:npm1ndXKkl+PAKGQETRR8w4bxY6Az

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3305f29c1285ba3d9234217b8182e4a5_JaffaCakes118

Files

3305f29c1285ba3d9234217b8182e4a5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\jenkins\workspace\暴风主干\trunk\bin\Release\webplayer\AxBugReport.pdb

Sections

.text
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.jgd
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE