b1367b90d71450638902e155068c5e7d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b1367b90d71450638902e155068c5e7d_JaffaCakes118
Size

337KB
MD5

b1367b90d71450638902e155068c5e7d
SHA1

e4c5ae6b61a6817980c0d57b8a77bf393eeb905b
SHA256

353abd0e0847527f44878cd12270be5e5ef2df9f44e22dc9b63f2cff3206cd12
SHA512

364863274fc60706a6ceeda8e14fa00fae459bd5f490b993e530f496edff4df6fb7463beaa1dbc484e4f7e72ef31b2dbb7f8e4e6e607449fa88df15657cec1cc
SSDEEP

6144:2qa1N6y1M/FYgGsDQMh8EcewwaLH1syOOfO164HBcKEIWGZ:paOy1M/F11Xk1sDRh5Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b1367b90d71450638902e155068c5e7d_JaffaCakes118

Files

b1367b90d71450638902e155068c5e7d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\dev\phtrunk_code\MessageCheck\Release\MessageCheck.pdb

Sections

.text
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 24KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qnk
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE