464b18ad7ecc1c8dfb110ff51105d65b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

464b18ad7ecc1c8dfb110ff51105d65b_JaffaCakes118
Size

570KB
MD5

464b18ad7ecc1c8dfb110ff51105d65b
SHA1

3ed81269bba577a1f319b7a8a9a4fe516f2fef20
SHA256

baaf22bdea2254cf981897f00e2b0f75741497231f99e2c01ff4c95805c1ec6a
SHA512

9b64dc35ff26ee2e3f643f2701a2d034798c6bc10cbdf475a9b3b41d9604c79cf32821b25a79939e1ec0ff6ab3c3b1e5e36f39d307e8083138bdf6aa7b7a1b21
SSDEEP

6144:viFNxSTVMN0tRij3WeJOPVLTrIqwcMaysGEp/nlUz+t9h0tR:aNxSTumiOPVLTrIqkabzlUyC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
464b18ad7ecc1c8dfb110ff51105d65b_JaffaCakes118

Files

464b18ad7ecc1c8dfb110ff51105d65b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

X:\(BackUp)\Cracks\VB_Kaspersky 2009 (8.0.0.454)_2.3\obj\Release\Kaspersky 2009 Trial Reset_2.3V.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 434KB - Virtual size: 434KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 153B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 135KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ