ffa6a5e294385da63dc13a4299b4aa9e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ffa6a5e294385da63dc13a4299b4aa9e_JaffaCakes118
Size

2.3MB
MD5

ffa6a5e294385da63dc13a4299b4aa9e
SHA1

29454cc88b4e9228a45ea079a8db7ee40be91fa3
SHA256

9292f0e2081446695b05680a5789c398caf5dea006138895904b2b8a04173f15
SHA512

65079b50cc93d57554148aba35bd319c5bf9dff135ba5da125c3a306ce6197bc0f1e34825b048253cf6bb77569ef31d6d28bf8f12ca90ba8012f7e5cea2776d0
SSDEEP

49152:JL/FXSkGfAcIbgpWiWSo4vC1841pHB8PuZCaSCefF6gP9nlj:9RH8IbCWiC184R8PuZCaSp1xlj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ffa6a5e294385da63dc13a4299b4aa9e_JaffaCakes118

Files

ffa6a5e294385da63dc13a4299b4aa9e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Coden\Projects\eMule Projekt\eMule 0.49b-Sources\eMule0.49b-Sources\srchybrid\Release\emule.pdb

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

Size: 2.1MB - Virtual size: 9.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 235KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE