3e159772a7217fd664cf5398f2ed3095_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3e159772a7217fd664cf5398f2ed3095_JaffaCakes118
Size

409KB
MD5

3e159772a7217fd664cf5398f2ed3095
SHA1

39425f1085eca469b63bab62f349690fac03818e
SHA256

15d8da65fd918627d0f046ee3b0fb9b3a1db5042113469617a8eb69f5ab35028
SHA512

3b670beb73e7107911d556d3f964898f21555fb4797fe10f03e5e65944a14dc8467310e694678bc5bcdc20d6e31cb14c9bb405a2ddaa3b7ed3294f417f0ce741
SSDEEP

12288:/hIYTlF9pYuNQZVwk1kJM/RTpuFmbngaRWvA3bM:/yYThrNSqk1wmppEKngyW0bM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e159772a7217fd664cf5398f2ed3095_JaffaCakes118

Files

3e159772a7217fd664cf5398f2ed3095_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\s3_main_2\src\devtools\appidlauncher\release\appidlauncher.pdb

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 184KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.khe
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE