c7b031e8c1e3f5981bf4ab8a55085f80_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c7b031e8c1e3f5981bf4ab8a55085f80_JaffaCakes118
Size

175KB
MD5

c7b031e8c1e3f5981bf4ab8a55085f80
SHA1

198acd5c8e207c4fd35ce2a935d1dcd0b1b352fd
SHA256

01776c9eee4c515386901b8172b7d98d6951ce7dc3f83247af93a9b028fae025
SHA512

7238d7115881344f9fa88bd63e99c2ad686c8e940da40cc21381993a5a48fffa772f4b1991c0aea39f0dbcb31c13093735b8ec193c64a87d9657ac12bf7089f5
SSDEEP

3072:ElIMUFqYjJooKauXfh+apiOV6UYC9rYWVn1PfrTQZzVavOmBAFjat+I0jDaWgevr:e0qYjJZRubWmDVn13rTQcvtjPg6/fKrH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/44031673/Pchat.exe

Files

c7b031e8c1e3f5981bf4ab8a55085f80_JaffaCakes118
.rar
44031673/Pchat.cfg
44031673/Pchat.dof
44031673/Pchat.dpr
44031673/Pchat.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 334KB - Virtual size: 333KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 20B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
44031673/Pchat.res
44031673/chat.dcu
44031673/chat.ddp
44031673/chat.dfm
44031673/chat.pas
44031673/chat.~ddp
44031673/chat.~dfm
44031673/chat.~pas
44031673/下载说明.htm
.html .js polyglot