37a89bd11de31aaef41d65bfe78221e2_JaffaCakes118 | Triage

Sharing

General

Target

37a89bd11de31aaef41d65bfe78221e2_JaffaCakes118
Size

246KB
MD5

37a89bd11de31aaef41d65bfe78221e2
SHA1

80579e17194407d0f8d6803db4661dd4d7770888
SHA256

04ed184a819a6a90ef488e275c98abe08b937e4250406fbb4eca4c58f90e2c31
SHA512

90e53fa4bf7fcb61e92c51ed9a641a0b52fd0944be6e31d241eb7a91c6785a093f57631116d1d25ce23d6d0a5093a810b84f52f9d712917bbf5d9e01c238a532
SSDEEP

3072:OAL2jVhbOb7RNYVvKp67KcogtjkAH7Bc/+SpflNcjzKYunKzAsmDvNRTe88tuJYR:OAL2zbsrUZyyJbBzSpnaKpR682k7qEyT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37a89bd11de31aaef41d65bfe78221e2_JaffaCakes118

Files

37a89bd11de31aaef41d65bfe78221e2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\project\sogouime\branch\PinyinDev_R_6_5_5\Bin\SogouPdb\SogouInput\ScdReg.pdb

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gda
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE