6deac56ac14f457e6b48b3eca9661286_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6deac56ac14f457e6b48b3eca9661286_JaffaCakes118
Size

1019KB
MD5

6deac56ac14f457e6b48b3eca9661286
SHA1

6b4e1ee40f76a85d51a29101491bdb22ad595804
SHA256

87b6c45ad7f5b44aaa4c916b2287c469ad0e84a5770eba0d2a75ac343da96287
SHA512

7be4dc325eb46c1082e37c02435ff70e05c215da4f11b5adc12788945305c06a93788faa7e6fe019fe47ff4f439b34835bb5e3ca0483e4b51c49a3dd5adb6e11
SSDEEP

24576:q7Q1cyrf9GpDtXHrOcgWrtvwWhwHp4DLL+vrK40jEPAOaa0KDZaiHHvcZJ0PhRN3:q7Q1cyrf9GpDtXHrOcgWrtvwWhwHp4Dx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6deac56ac14f457e6b48b3eca9661286_JaffaCakes118

Files

6deac56ac14f457e6b48b3eca9661286_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

OpenFunServer.ru_Laucher.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1006KB - Virtual size: 1006KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ