35ea8996ea88ca288a10493f3971cb6c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

35ea8996ea88ca288a10493f3971cb6c_JaffaCakes118
Size

189KB
MD5

35ea8996ea88ca288a10493f3971cb6c
SHA1

e4f93ebf5a2ab7c433b5f914cdc20be97a4c2c33
SHA256

4efa9ab2ab8a1244473bf23fddc3f8a1633b3b4acfc41e8dcde5dd61e2cf390e
SHA512

c32860955a1db818417cc62371cad9ea49b1c75658787dffd8d7d80c8a6fe4944c173f7a309e18e916e342d05e17dd93ccaf6c82d1e863e63d1a3d86bd38e53f
SSDEEP

3072:8anVnJZBuBCVVgz68oqJQ5J4nuujpzkDRDmui7br2mIFKgFcceH02qCapNLmOhH1:8u+CXgz6dJ4jcRDqbKmAXOY2q3fiTO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
35ea8996ea88ca288a10493f3971cb6c_JaffaCakes118

Files

35ea8996ea88ca288a10493f3971cb6c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\builds\moz2_slave\rel-m-rel-w32-bld\build\obj-firefox\ipc\app\plugin-container.pdb

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 908B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.khe
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE