35e71af5e4a3afbd8e6cf96e86f2d254_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

35e71af5e4a3afbd8e6cf96e86f2d254_JaffaCakes118
Size

409KB
MD5

35e71af5e4a3afbd8e6cf96e86f2d254
SHA1

55e2f8fbf83835424b042bdebf8797be841e950e
SHA256

13f2f06a1f076de39b9a4c406a25e0b3355dd3f1a10abe4d5ebf6a5e90ce1648
SHA512

ac081dce955ea67d5d2ad99aa2c311e41d6b595dfce71d061c650408925849b0b4248d5fd29f5dcb2d1ee91c0a07beb87adbf0b449c934f4b1e0cc156c972789
SSDEEP

6144:fftXM/Ov/tk96bDMe2mqVzNudSNbzaXV1ufVzZb3y3iqCSZ9gpZBOJqpctJhW:9X3296P499hBWGfVNb3CgpDOkaW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
35e71af5e4a3afbd8e6cf96e86f2d254_JaffaCakes118

Files

35e71af5e4a3afbd8e6cf96e86f2d254_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

i:\2014Beta2\sourcecode\bin\ReleaseU\Symbols\QGHall.pdb

Sections

.text
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 169KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rol
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE