e09177e5ab33438c590a180357b4de74_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e09177e5ab33438c590a180357b4de74_JaffaCakes118
Size

6.0MB
MD5

e09177e5ab33438c590a180357b4de74
SHA1

e30eac781fadab887d2c935af6a5f6ddb5734416
SHA256

9f8412a8bec4069e11222c5c85a0856b459bf94a91521005d828237e0772d1a1
SHA512

2322fb21269ae8f18283888b6ee464f4e905aa914bb251d651bb5d21a86de9aff9d4a4b39f660604a0b4896594f054d6f0a336fc56a572678c1f3f8e8f174803
SSDEEP

98304:3fnC3KCwjOmmTPLKmGse660tAW7Fh7uUcGe/c2GRbpPP8Mj4i73QgvMWoKfLoLPn:3gK3Lse66Gn7uUcGXPh5MWjfLOn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/DevPro.exe

Files

e09177e5ab33438c590a180357b4de74_JaffaCakes118
.zip
DevPro.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\sean7\Documents\GitHub\DevProLauncher\obj\x86\Release\DevPro.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Language/English/cards.cdb
Language/French/cards.cdb
Language/German/cards.cdb
Language/Spanish/cards.cdb
deck/New Cards.ydk
lflist.conf
pics/101001038.jpg
.jpg
pics/101001061.jpg
.jpg
pics/field/19162134.png
.png
pics/field/22829942.png
.png
pics/thumbnail/101001038.jpg
.jpg
pics/thumbnail/101001061.jpg
.jpg
script/c101001038.lua
script/c101001061.lua
script/c101001074.lua
script/c1525329.lua
script/c16006416.lua
script/c18013090.lua
script/c62899696.lua
script/c86871614.lua
script/c90434926.lua