40672c5d8bcc6391f98d29450ea5f933_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

40672c5d8bcc6391f98d29450ea5f933_JaffaCakes118
Size

2.8MB
MD5

40672c5d8bcc6391f98d29450ea5f933
SHA1

3316f2e33d9ee86a5efe848becbda059a75ca68f
SHA256

1480505b7d8f9d04dafd9e92636219065fe108d0bd9b15ba43d62df2dc751ee5
SHA512

3ed467c8c8a4c2be8025ee26680af8b65982b83f43b7a1cb4f414124a1fad67b9f7055d7819a1b60f59915b2e991caa078b28e0874e7ace264d55bf0535e0c81
SSDEEP

49152:/W+3mpx1UO95EED74eeasY6DwOBfrnvV7UeWtyZwLCv:/L3Ax1UO95EEDUXYiwOBpIeWMOLCv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40672c5d8bcc6391f98d29450ea5f933_JaffaCakes118

Files

40672c5d8bcc6391f98d29450ea5f933_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Documents and Settings\YourStars\Рабочий стол\ZipArchiveTV141\_ZipArchive141\res\temp\packed.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 492KB - Virtual size: 492KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ