cfbc1466a668d86b41199f2997bb477b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cfbc1466a668d86b41199f2997bb477b_JaffaCakes118
Size

3.5MB
MD5

cfbc1466a668d86b41199f2997bb477b
SHA1

b2ad1c475e301233538fe7da4c4afba52577a0ef
SHA256

8a0fc7f4a9a3c1d398d9b4b4c97e4fb9de960ff4854b3a423540118ac6e82cda
SHA512

bd8961aca7f9b83975ca6aec112e40675b902287debfa50009e401a159378647c943536fa1d96ac1555fe1a8ed7e8e72a4bc228b2c14132119d5d081fddcc297
SSDEEP

98304:gooYIc/ZLe4pVU/BYs8hrMFZrSO265gdm7axCgDV:gNNcx7KYtVM3rSO2QLM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cfbc1466a668d86b41199f2997bb477b_JaffaCakes118

Files

cfbc1466a668d86b41199f2997bb477b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Buildbot\ad-windows-32\build\release\app-32\win_loader\AnyDesk.pdb

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: - Virtual size: 10.2MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 766B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 768B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ