3fe145da7a77c31c16088560595ed90e_JaffaCakes118 | Triage

Sharing

General

Target

3fe145da7a77c31c16088560595ed90e_JaffaCakes118
Size

629KB
MD5

3fe145da7a77c31c16088560595ed90e
SHA1

96ae098e85a0df08b484fc1918c1bda0a876dc0b
SHA256

05dc5dcdc74d244339ebf853c61b739a89cf67742723bc40f09cd82ab2ffdc09
SHA512

da8b8a4ec1d309b8ce9cd1d105cd19149ca7cbb7a08c2999cfec9a7ac762f2dcbdcbaa5095c5f73035f9efa07c7edb271eb15aa0a66648054c8fc7c44f93d200
SSDEEP

12288:34moM7pdaR1cSoA5wy/2awFCD/JMWwEwjJab9kvtqsqx5JX2awpAT:PoZfwy/eFCD/oFab9kpqx5JXVAAT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3fe145da7a77c31c16088560595ed90e_JaffaCakes118

Files

3fe145da7a77c31c16088560595ed90e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\jenkins\workspace\暴风主干\trunk\Business\Ad\Release\PopupPlayer.pdb

Sections

.text
Size: 131KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 261KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.uro
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE