41b350526722b04f0ebaf5e6771f1fcf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

41b350526722b04f0ebaf5e6771f1fcf_JaffaCakes118
Size

9.4MB
MD5

41b350526722b04f0ebaf5e6771f1fcf
SHA1

dd856c12f5edc7ec0007cafc25e9d98c5061b253
SHA256

dc3eba1ce46c43199cb269821d1200b59efb4232c249ce162f7847010a76cd50
SHA512

e0d2284aff95c630d2a8ec4c2c9a424f2bb55ad81d7df50d1016e1eb8ad635849533011117e6cb9cd35a3754e9a876c37c919770cf273fcf7dd898c58cbb0ee0
SSDEEP

196608:4P26hx3jl2hBvvCqFHb0G14+G/6hJCGD4PZTVFOvt0OGPg0WIhBgm:41hxT4vvzHAG1y6h+xFcWgrw/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41b350526722b04f0ebaf5e6771f1fcf_JaffaCakes118

Files

41b350526722b04f0ebaf5e6771f1fcf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Documents and Settings\Администратор.PRIVE-8DB3B7347\Мои документы\Downloads\_ZipArchiveTV141\_ZipArchive141\res\temp\packed.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 501KB - Virtual size: 500KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ