431d5e4b22422c8d1971e3f034b7c0df_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

431d5e4b22422c8d1971e3f034b7c0df_JaffaCakes118
Size

286KB
MD5

431d5e4b22422c8d1971e3f034b7c0df
SHA1

8a6476b16d8b4002cee07a5e88705f7c3e7711a7
SHA256

1499be5fa03e4945a2adaf9d1883d7ce6853b48e182a9aef7847e6b31d229f72
SHA512

160d3d264f6a0c532455e43a756ea5881d383626eafcc870038bbb653746cf30d96cac0cb52edf012375e8f48daf90c54c0c60ec89287010ac54a84e3ec94065
SSDEEP

6144:nacLZXmjL0dmpbdEJuOQi9AKyScNxgVvdouQzKf43db2+DJtct:aMybdEJtybNyVFouwKf6tDJtS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
431d5e4b22422c8d1971e3f034b7c0df_JaffaCakes118

Files

431d5e4b22422c8d1971e3f034b7c0df_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\workspace\xl_framework\win32_component\LiveUpdate\XLLiveUD\release\LiveUDInstaller.pdb

Sections

.text
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rol
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE