4415cf0a82050afde37ca4fceac6d697_JaffaCakes118 | Triage

Sharing

General

Target

4415cf0a82050afde37ca4fceac6d697_JaffaCakes118
Size

775KB
MD5

4415cf0a82050afde37ca4fceac6d697
SHA1

2f2d056a1bb4ef41300cca0b72d14155bc72850a
SHA256

2177db0447cb1be251fbddaba07a566b111b648749414ee06ba1496a9b73d6a0
SHA512

70c6756687d0fb98ec28ee64f17298cf07e0bb0fe6cb2db825a97877022072082a17db6c5fd51f851d785e1b1ddd50b9239f6b431662dee0a30d5208dec2383b
SSDEEP

6144:U+vX/n9t5lUSfI1ftMgKi7sSRtpMeK33nG5OfeIbW07SbXz+44/BiGI2tKlM0iiY:LP/j4sWXzE/BiGI2MSIY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4415cf0a82050afde37ca4fceac6d697_JaffaCakes118

Files

4415cf0a82050afde37ca4fceac6d697_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\BuildAgent\work\d63dfc6385190b60\build\WindowsWebPlugin\UnityWebPlayerUpdate.pdb

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bcovbss
Size: - Virtual size: 872B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bcovcon
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 551KB - Virtual size: 551KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.zwt
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE