11ee5b93f7c5b9f9a1b8b62b7ff3898b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

11ee5b93f7c5b9f9a1b8b62b7ff3898b_JaffaCakes118
Size

325KB
MD5

11ee5b93f7c5b9f9a1b8b62b7ff3898b
SHA1

871e135dd653240629287ffbb8636b6f5347e17a
SHA256

a62a2a1609734b428eda877d499e21fcb9b20106e7aac92cf924c2120cab56b3
SHA512

d5194fb0793042c37d33efbb12908ce9b29c6a965da485755d46e4f1f99696a2c6b6d94d56d3e02fa5cb4d912264d82910f8b50e9fa2b6658530d8724f74287e
SSDEEP

6144:Jo9pTA7I/9DYwVZqNYF9AbhUa6qkM3Gg+75VvFsEZ3u6lsfmdwJp+d9uBwX+mc6g:JofTA7G/OHz7+nvmivom2p+aBoc6g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PopCap Games (Patch-univer)/PCDPRemover.exe

Files

11ee5b93f7c5b9f9a1b8b62b7ff3898b_JaffaCakes118
.rar
PopCap Games (Patch-univer)/PCDPRemover.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: - Virtual size: 988KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 319KB - Virtual size: 323KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PopCap Games (Patch-univer)/Readme.txt