44e2a42b388aaf49f4ec71068e76c0c9_JaffaCakes118

General

Target

44e2a42b388aaf49f4ec71068e76c0c9_JaffaCakes118
Size

716KB
MD5

44e2a42b388aaf49f4ec71068e76c0c9
SHA1

d2a70806738406169d99766229dc04df71a664b7
SHA256

74f2d815f96a2bca3c01865ba7a59de25327e3a6832f0de85255480d5d3544f7
SHA512

02432e980df6c22f741891e930f436230117d6ecd6d29c7848f2ee720233ab74713e24b3e491ba6b0029cebc0ae117584fc84ab7c8d02d443e245d85ff1a9246
SSDEEP

12288:XPJnLwvSYcqQo8S6KmAvCxO1QR2MN//yB6jZL/7JiP2jbxHIqr7N1R:XPJEvf8NXEI56BWZD5JHv7N1R

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/_SetupPoker.exe

44e2a42b388aaf49f4ec71068e76c0c9_JaffaCakes118
.eml
- http://odnoklassniki.km.ru
_SetupPoker.exe
.exe windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 451KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 69KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
email-plain-1.txt