1448580508bde9bd9f8ddbc466fe7d17_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1448580508bde9bd9f8ddbc466fe7d17_JaffaCakes118
Size

812KB
MD5

1448580508bde9bd9f8ddbc466fe7d17
SHA1

4e4f16d8b184970a50cc1b315231a6afd32551f6
SHA256

e7c3b8dfa18d09d793abb5c9d31a68e7679c44172b5c990b9d1a6f47788f2786
SHA512

ddbdbd580af3599814367374de71e1b4554625c11cfe150e9b283bb706ca22eb0f0e438458108d8d5209550c06b9c89e50a84f4d6a743c642229c2933aa2e43e
SSDEEP

12288:P7oOVEeySZK6WHoTdf1ZZaxJQZaxJrY/bvK5euZNmuYWZaxJccM:PFexjxNYbWpY3xvM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1448580508bde9bd9f8ddbc466fe7d17_JaffaCakes118

Files

1448580508bde9bd9f8ddbc466fe7d17_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

J:\QQ\QQSword\obj\Release\QQ捕快.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 696KB - Virtual size: 693KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

..
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE