16aa159a02ad34f68a2641064c55c705_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

16aa159a02ad34f68a2641064c55c705_JaffaCakes118
Size

582KB
MD5

16aa159a02ad34f68a2641064c55c705
SHA1

6bc88f4ce3058309dfdaa283c7ba6f1e3253e795
SHA256

df717d3cd515a338bfab4260af3bef01c97092f45d8abe19e0593cc3b32cc738
SHA512

eb7da3437aaccebf28842c49df3397ae2e4ace79d08bf8275d5ee80cfe490454ee24e8cbd3203af346859ea9b881becaeba151a7e9a2e962226a36b8e79ed3c3
SSDEEP

12288:lpHeP/7VZJlzFMPyd5RKdoD7a2jyHJO8yGGAFrssEXherb6pzRYN39I:n+VZD/D5OHk0DFss0SlNNI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16aa159a02ad34f68a2641064c55c705_JaffaCakes118

Files

16aa159a02ad34f68a2641064c55c705_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\FP_Win_NF\FP_Brannan_228\code\build\win\results\FlashPlayerApp\Release\Win32\FlashPlayerApp.pdb

Sections

.text
Size: 154KB - Virtual size: 153KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 188KB - Virtual size: 187KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 21KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.khe
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE