4f4a49af38bbbcfaa9ce27adee3e78a7_JaffaCakes118 | Triage

Sharing

General

Target

4f4a49af38bbbcfaa9ce27adee3e78a7_JaffaCakes118
Size

461KB
MD5

4f4a49af38bbbcfaa9ce27adee3e78a7
SHA1

706870fd4355cc1f04699497ea63ff36c2316b77
SHA256

0497c04566033b658ce186afc24e24895edccb3a929ffb77ff4982936e380d55
SHA512

649deafd1f76d7fe860cec88b6b54311b53d2873b278ec2a8f4c881d9d3a0c94b2d5bc853d4d47085637b4543bb272156e7655744e3900896e82eeea1e61228c
SSDEEP

6144:6U5npygCyAbShbUAPRNN8m7eV+wGVNQmcRQ/DgUqgui4cGW12LY5mooe+Mal1PGw:6U5nBqEhmqeVTG0RQbPujwlyMal1G5e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4f4a49af38bbbcfaa9ce27adee3e78a7_JaffaCakes118

Files

4f4a49af38bbbcfaa9ce27adee3e78a7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\QQPcmgrDownload\Release\QQPcmgrDownload.pdb

Sections

.text
Size: 156KB - Virtual size: 153KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.uro
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE