f64cd48dbcaf8871eeb462bdffadd75b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f64cd48dbcaf8871eeb462bdffadd75b_JaffaCakes118
Size

91KB
MD5

f64cd48dbcaf8871eeb462bdffadd75b
SHA1

e45d687ffeac61e98a84ffb1af31cb5b9ea3f40e
SHA256

e3503f062c3deecb4b0a27bf35949970ff5f4254dfc4490dd85bdd6d172a7b31
SHA512

c9026f30cc710ba86925142064500cd83168085dc8d73b84e4954ab8a796c94801df033e880de1794ae9e0dae8a8b6cd3e41287df46abb90b744a221d0cd7323
SSDEEP

1536:UKI4vfB8kGzzbyWbSxA5QBcTenySgzJu+f/zON4XSk/JGdKb0:C4vp8kGm6QBienyhzJu+fVXSGJGde0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f64cd48dbcaf8871eeb462bdffadd75b_JaffaCakes118

Files

f64cd48dbcaf8871eeb462bdffadd75b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\我的文档\PE\NetGeter\Release\NetGeter.pdb

Sections

.text
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

300
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Katja
Size: 217B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE