2d66b110a2c776801528ca636e64c0d4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2d66b110a2c776801528ca636e64c0d4_JaffaCakes118
Size

37KB
MD5

2d66b110a2c776801528ca636e64c0d4
SHA1

f01e937f6602840e40deaff7c3688d3f64b62c26
SHA256

e5af6678d6d82d286475b91d97b38d4ab0462a5fa5a82ec9cf043cf7ceda6fdf
SHA512

c37a361eb60e96b1a2d9d0e019677efa23f2f9f23a8b4eb2a9620b5104b39918250d3a7e5c3aa0788edcf70f4cbcafa18872244036422eb47177e9b0d09ede2b
SSDEEP

768:/jKCgK2a6drCzk/y7T1Xt+kkMC+vJuCclUP84j2TQPDOqgg8uvBI:/Ng7drCvB7NclU04CTQP6Jhum

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Win7游戏全屏补丁.exe

Files

2d66b110a2c776801528ca636e64c0d4_JaffaCakes118
.rar
155绿色软件站.url
.url
Win7游戏全屏补丁.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Administrator\Documents\Visual Studio 2005\Projects\Win7游戏全屏补丁\Win7游戏全屏补丁\obj\Debug\Win7游戏全屏补丁.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 108KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 96KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ