be60b9f39002d4c791c3b60430d8e3e2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

be60b9f39002d4c791c3b60430d8e3e2_JaffaCakes118
Size

301KB
MD5

be60b9f39002d4c791c3b60430d8e3e2
SHA1

73313c02600833caa990fa7221a747021a611081
SHA256

127bb65d88680a4b8a61eaa00e01bed10cc3dabee84fbc92759b4b0894abf5aa
SHA512

8baf6a453272c83ab1abb2b9558e24469948297a09992df4099f01c311638100cc444a0f64524bf59bf3d77242634b4ad23db638f819067a20b74e9506e5a551
SSDEEP

6144:4xmNbUi6Qh8ymGWqsCKpYJFvLuKOJ8MlU6gV2:4xmNbUV68eWXChvLuKO0V2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
be60b9f39002d4c791c3b60430d8e3e2_JaffaCakes118

Files

be60b9f39002d4c791c3b60430d8e3e2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Dev\icedragon-newbase\obj-icedragon-official\webapprt\win\webapprt-stub.pdb

Sections

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.qnk
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE