3fcf582e2116add69ccf191917ea8fbb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3fcf582e2116add69ccf191917ea8fbb_JaffaCakes118
Size

595KB
MD5

3fcf582e2116add69ccf191917ea8fbb
SHA1

b71f7db1a420b841cb2028623a95bf713cefbfbc
SHA256

116f9ef04c1da28301b2df4cf02beb71a8d8d4cc49abab2bb50630dcd08eaa8d
SHA512

d71a1ba7cb2bbe1aed31426b2c8d698840ef6ba01762104218c4f42900fb3361f14d0f3211bd6e503f395bf7ba4c3caf42966238cdb6f16cb931389167704d42
SSDEEP

12288:bPW8Y2QmuaNf3vmX53j37nXkapN2ZIOFSSeYYNEoHe0ea:bPWPgN/+pr77rOFSSTto+0H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3fcf582e2116add69ccf191917ea8fbb_JaffaCakes118

Files

3fcf582e2116add69ccf191917ea8fbb_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\se7\src\build\Release\seup.exe.pdb

Sections

.text
Size: 228KB - Virtual size: 228KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 15KB - Virtual size: 437KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.qnk
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE