417779d159472f61f113ee11f118aabb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

417779d159472f61f113ee11f118aabb_JaffaCakes118
Size

441KB
MD5

417779d159472f61f113ee11f118aabb
SHA1

9afc72216d9a032df8c034a8aedee1969c3a3bee
SHA256

233cf2f01d20ac31822ba9c220ced4e39b81718ecd98f26c517aef91bccc4bb2
SHA512

1cbb38fd12f03174b40f2c963359c81d660d13375c97754590b3d64d32364de2976a8537cbd2c4dfa80a1ae4a49c5bf4d04d859bffe7631853e51abd4a3166b5
SSDEEP

6144:iVpYlb9SYnFFFFF8t1x2IzS0jyLgxtuhIXbfOxozwK:/5xFFFFFIxVz9j6FhIDcK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
417779d159472f61f113ee11f118aabb_JaffaCakes118

Files

417779d159472f61f113ee11f118aabb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

g:\Company\PCProject\ShuRuFa\程序\Trunk\DongFang\2.1.1.0326\Bin\PDB\DongFang\201504020901\SkinReg.pdb

Sections

.text
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gda
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE