029b1764398e140031ddf77704be614c_JaffaCakes118 | Triage

Sharing

General

Target

029b1764398e140031ddf77704be614c_JaffaCakes118
Size

83KB
MD5

029b1764398e140031ddf77704be614c
SHA1

bf744062f061081ec916bffa6e7ef24149b76f6f
SHA256

b3ae139108cc1eedf6c21016c9ebe990e76201178e7180c9fef675ee23ad2cb3
SHA512

4db1ec7c8546bb7f76d53be3211a1b300bda2a8f2330a371d89cfb0b17335f863e4adedb957a4cf403e04a0a28e16b2c70a54afbdfceb341c40f408777b2160a
SSDEEP

768:GaU8HebEMiaz2PmgX90+XOmQmaPXh42PL1iJ+lHPGUkuFkcA05a3PUiGQ7aXWxk4:GNo6zsm69YmQv5fPPGjNcRmPQQ6xTOuS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
029b1764398e140031ddf77704be614c_JaffaCakes118

Files

029b1764398e140031ddf77704be614c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\작업\스마트팝\SmartPop(IPO2)\Release\SmartPopInstaller.pdb

Sections

.text
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ