37cac2697fd3ee05b2bf56c49401dfe4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

37cac2697fd3ee05b2bf56c49401dfe4_JaffaCakes118
Size

473KB
MD5

37cac2697fd3ee05b2bf56c49401dfe4
SHA1

cfc7b6ef1e7ef3fe902f1eabe81d4e599690b1c8
SHA256

10c3600878671171c8cc6542460a34bc70f8de4cebeed756e30f0bde7bc59635
SHA512

4a3e022491b578b028dc471efa0718144eb72f64221e20cde5a0dfa0651332df07514d9061f75c5a274a53f50ec3b30bef8df91a0cd6b4e3ebb183d5eb4c8589
SSDEEP

12288:VufrCKkng69n6hf4TfrQAysELY3EmjHqrTB3Drpc8:SrC9ng696hwTfrQAyBUEmjKr1DVv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37cac2697fd3ee05b2bf56c49401dfe4_JaffaCakes118

Files

37cac2697fd3ee05b2bf56c49401dfe4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\KINGSOFT_DUBA\Build\Build_Src\kcloud\kcloud\src\product\win32\kdumprep.pdb

Sections

.text
Size: 224KB - Virtual size: 222KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.oli
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE