feb5b141c4d1d3c5fcdf7a8ee9ac11c8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

feb5b141c4d1d3c5fcdf7a8ee9ac11c8_JaffaCakes118
Size

340KB
MD5

feb5b141c4d1d3c5fcdf7a8ee9ac11c8
SHA1

cb13f947c3f964b0180eb23b9dbf528a68ea4077
SHA256

6c88d6b6243d759f43486d859ef4e5068d1ef2fd5e5e7eb6e110675dca5e57f7
SHA512

f81814dc5a70a403b85be8d44b974b6010c28e15acffda2460693ee994b155e6503957f743fcfb7c0591d60241a423d02a4f9f94522d4b3bf4247c6ae16a0909
SSDEEP

6144:sCazf8vH+wReGNYWhJT0OKXxLcBjXN5j5WKeX0LtgN:sP7W+CJpJDKxL2rN5be0BgN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
feb5b141c4d1d3c5fcdf7a8ee9ac11c8_JaffaCakes118

Files

feb5b141c4d1d3c5fcdf7a8ee9ac11c8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\김민정\프로그램\업데이트모듈\동의창\Nurungzi\동의창\agnrz.exe_1.0.0.1\Release\HiSantaNotifier.pdb

Sections

.text
Size: 292KB - Virtual size: 289KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 172KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ