4db3f31b3e4179a1d680e9a699148227_JaffaCakes118 | Triage

Sharing

General

Target

4db3f31b3e4179a1d680e9a699148227_JaffaCakes118
Size

59KB
MD5

4db3f31b3e4179a1d680e9a699148227
SHA1

4a9fc64b95812cdf23c7e4fd626b02b8bde3e847
SHA256

442e1d3bed88633facc49a9ca6760241749057f66661d9a94a2fcd348022887c
SHA512

88f6fee183e917e9cd7aa2e3831a50801f4121103f0303754d1ac25d40d4065227af6ab4961a09e77600a3d835e89d8232eb6f53bb88f2e44a1fe5d2f983e592
SSDEEP

1536:gst1q0n4EZya+iQUwDCCaeHQEoFoZodl8Y4OPU3HLk:g4Q04owiQUXIHRKoZoTZPU3HLk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/FarPoint.Spread.for.Windows.Forms.v1.0.9.0.Incl.Keygen-ORiON/Keygen.exe

Files

4db3f31b3e4179a1d680e9a699148227_JaffaCakes118
.zip
FarPoint.Spread.for.Windows.Forms.v1.0.9.0.Incl.Keygen-ORiON/Keygen.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

ORN0
Size: - Virtual size: 112KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ORN1
Size: 54KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
FarPoint.Spread.for.Windows.Forms.v1.0.9.0.Incl.Keygen-ORiON/file_id.diz
FarPoint.Spread.for.Windows.Forms.v1.0.9.0.Incl.Keygen-ORiON/orion.nfo
ReadME.nfo