ae698fc1080af3cd519f20948f1894f1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ae698fc1080af3cd519f20948f1894f1_JaffaCakes118
Size

364KB
MD5

ae698fc1080af3cd519f20948f1894f1
SHA1

020422cb0c96064389f19f0d20c7be3ac5d7cc21
SHA256

c9d283a3fd76c01db46112d2245323073a72be09e94decbab6fca7b225ffe9d8
SHA512

f85e90632d5afd7798ac301690334484e6f3716863f8a15ffc339878babb2d96425be39172e970608d53e6589cc97d27908f6ebfea862ba8cde189a464beb92d
SSDEEP

6144:T3zofy1aPZvo5T6oLskdvZ2SetXLNDOkocbzdlBZ0xoxsnYlzU3p3njUddoZIEDf:fD1qRoZ6eskv2xvakocTaKUZ3njad+Ii

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Applanet(Android Market Hacked) ~ demon ~.exe

Files

ae698fc1080af3cd519f20948f1894f1_JaffaCakes118
.zip
Applanet(Android Market Hacked) ~ demon ~.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Chef\Desktop\CYBERSUBI und Will\subi1.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 492KB - Virtual size: 491KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 4KB - Virtual size: 103B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ