c02a0c7cb72d1ac82676ee31161d8083_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c02a0c7cb72d1ac82676ee31161d8083_JaffaCakes118
Size

413KB
MD5

c02a0c7cb72d1ac82676ee31161d8083
SHA1

22e9d8e7902ae45754b5e73c776ba3cf667e8d35
SHA256

0cdce581e17e9e4e82ef4de7711ac348f3c80a54839af38a70ffe9c2f09c9155
SHA512

f9f884ac7d830da2ee146ae75d8f0d3dabfa3f95d64c62c0477c16db903bb0b231dc9054aa8a03b60703414c0fef63de631d3726d3fe0cefe4e6a6de2eff5eeb
SSDEEP

6144:HVbvz3lCSPrr4qRTFa9N+nGm8p/shDA+T7WNO6oAkgmsH3z:HVbvzVPgqiIn9A95otgRz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c02a0c7cb72d1ac82676ee31161d8083_JaffaCakes118

Files

c02a0c7cb72d1ac82676ee31161d8083_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\work\SVN_QQSpeed2010_proj\tools\QQSpeedRepairer\down_daemon\Release\QQSpeedRepairer.pdb

Sections

.text
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.oli
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE