fa3111f7ce6ae314ec0453eb887f58ef_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fa3111f7ce6ae314ec0453eb887f58ef_JaffaCakes118
Size

253KB
MD5

fa3111f7ce6ae314ec0453eb887f58ef
SHA1

3bc1a57ded9701bc47f4211289859e8de42ef83d
SHA256

d8a7662c6cbe6df23c43851e1bbc3ce6ce0273aff4a4d806a0d74968e72e6372
SHA512

5aa9f86374929071eed97a2a85e2d7b98c2e054493d0672f2c1e47ca6058d572ea1a596e794e08d8b7e454c36dda66736fe204b5fa96d8ce091bf5407d6117e2
SSDEEP

3072:dsb7d26QshXBkTOGUxyAsrI2NZVsIGFvtyVGmg84K9RP7elONnHFc+UuYwL395:q21shOTOG2DsvOIAlYG584K6lcfr95

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa3111f7ce6ae314ec0453eb887f58ef_JaffaCakes118

Files

fa3111f7ce6ae314ec0453eb887f58ef_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\dev\work\orionGA\2014_20110822_0025\Yahoo\YPager\output\dist\bin\Release\ymsgr_tray.pdb

Sections

.text
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mjg
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE