2dedf68467305e980618c6c2709bf7b8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2dedf68467305e980618c6c2709bf7b8_JaffaCakes118
Size

2.1MB
MD5

2dedf68467305e980618c6c2709bf7b8
SHA1

5f2aab2cd32abac54b31795c0a9115444b714354
SHA256

b63b1717656250fb334fc48dce66e366fa9afb3fa9d8efb86323f7cc202446fd
SHA512

e093e82cee05e3d11f165f9a3c10a6a6f13b9a88159ea20a86fb93de5fa3d15a5fe75fdb671ece0dfacd9809af59f09de8dbef45041e22aabd295881f44a16b3
SSDEEP

49152:bMU0BtZgfYzzSw72uUb/mJIPJea0/av7MnmSCb932W/Y76VI7OZc/S9QjmBknKF6:10afYzzSw72uUb/mJIPJea0/av7MnmSj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2dedf68467305e980618c6c2709bf7b8_JaffaCakes118

Files

2dedf68467305e980618c6c2709bf7b8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\李星\竞天微著\客户端\辽宁\2.1.0.12 最新功能，动态保存客户端，浮窗 soso版本去掉IE浮窗\NetBarClient\WindowsApplication2\obj\Release\BarClient.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ