3c4ae3b7994d276fcdc853c3af4c3fd6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3c4ae3b7994d276fcdc853c3af4c3fd6_JaffaCakes118
Size

1.4MB
MD5

3c4ae3b7994d276fcdc853c3af4c3fd6
SHA1

a622cab5653d0eb979386271d8c1c90c41c7c205
SHA256

e5800116ae7a4c061287d9208ea3771e19f59de6ae85907e9bdde9c2895cc9d8
SHA512

9e630ce9b0bfbd0969c01dbd24254aca56b1dc21b60fc4fcdf11de7e8490917f4e76b5e2739d3c31f9293ae064af5f032151fc05b0fae4557c38a6c58465244b
SSDEEP

24576:J1Z4iQn0mmB58WAjFnusfH7vux5TcGufs9YIcdM1hbiD8upsvSA/3:500mmMru0fRSiDaSI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Keygen.exe

Files

3c4ae3b7994d276fcdc853c3af4c3fd6_JaffaCakes118
.zip
FoxitReaderPPC.CAB
.cab
000setup.000
FOXITR~1.001
_setup.xml
Keygen.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
԰/FoxitReader.exe.0804.mui
쿴йǿַȫ.url
2345Ϊҳ.REG
֮downza.cn.txt