4ea13ee406a1eafb00e43a6d6acb1223_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4ea13ee406a1eafb00e43a6d6acb1223_JaffaCakes118
Size

26KB
MD5

4ea13ee406a1eafb00e43a6d6acb1223
SHA1

0cfff22578102d11bcc21e55faa5249c77b28cbb
SHA256

eedf487d1f9386f7f710f25fa9301b8954a9e5acc4de1216cadc3de4946e9fdc
SHA512

a5703acc585652e0db1f800112153b2b9148cee4213d272878b1469fbc82a4df898f225cf2fabe8d79fc086b161b47799fb79cfa9c256c95343f6eddaec6a299
SSDEEP

768:gCgNzik4+NGYpKFxR27lrpImgmKRB6b52Vf:2zx4sKF727lrO9VRAb+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PremiumSoft.Navicat.for.MySQL.v8.0.19-HERiTAGE/Crack/NMSQL8019_CRK.exe

Files

4ea13ee406a1eafb00e43a6d6acb1223_JaffaCakes118
.zip
PremiumSoft.Navicat.for.MySQL.v8.0.19-HERiTAGE/Crack/NMSQL8019_CRK.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

HTG.N
Size: - Virtual size: 248KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

HTG.N
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

HTG.N
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PremiumSoft.Navicat.for.MySQL.v8.0.19-HERiTAGE/file_id.diz
PremiumSoft.Navicat.for.MySQL.v8.0.19-HERiTAGE/heritage.nfo
keygen.nfo