c20b08e7aeb35f86c1597322ec3c4e5e_JaffaCakes118 | Triage

Sharing

General

Target

c20b08e7aeb35f86c1597322ec3c4e5e_JaffaCakes118
Size

585KB
MD5

c20b08e7aeb35f86c1597322ec3c4e5e
SHA1

46a529a7dadbb2c033ce38d41526781bc6029b17
SHA256

78b3ca3d968c0b5aa82f7b8a3d9206a355fb95811eef9950eddc19ca107e2c57
SHA512

3179c82afeb051a8ae534f386c2e831a1491df54697725cac3068e1d475d78c11515637fee4cf63544826b12e4d12e7ed13f2f232906720def7dd8db525f0f99
SSDEEP

6144:RIetsKVLyJS70mXEe2SAscLcbsMuJMvmcXEcZ5iIyulU51SHvW8C8jb9GfkO+1eV:RIasG+o0eY7YGAZ5lI1rp8jb9K4e6WX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c20b08e7aeb35f86c1597322ec3c4e5e_JaffaCakes118

Files

c20b08e7aeb35f86c1597322ec3c4e5e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\BWA\iTunesWin-1053.3.1\srcroot\BuildResults\Production\iTunesHelper.exe.pdb

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 362KB - Virtual size: 361KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.lif
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE