89214b05564f612903446d351284c9a1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

89214b05564f612903446d351284c9a1_JaffaCakes118
Size

231KB
MD5

89214b05564f612903446d351284c9a1
SHA1

88810ca71ba17ca45dc1a988f61a267332ec9204
SHA256

d6b89f72b7a43b922412b23a0f364ce930d0fe13a9ded68efb72f63547a57262
SHA512

c078791f9c4b615fd99454ac4ad641af63ce2f255acf176a5b814cbbf6c6916c7f6f8d4ba5de74df5fbb83b2a16b3b662ef40c59f486f245aadee45c4c4653b8
SSDEEP

6144:oGbjC7WxXy7jpfk7PK9Xiub/H0q4vUUwc6:z8KwHQu70R8Ux6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
89214b05564f612903446d351284c9a1_JaffaCakes118

Files

89214b05564f612903446d351284c9a1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

g:\Acro_root_apz\Main\code\build\win\results\Release\info\ExtendedAppEntry.pdb

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.wtq
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE