108abda7915e7b2338376b4fc81a7e87_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

108abda7915e7b2338376b4fc81a7e87_JaffaCakes118
Size

51KB
MD5

108abda7915e7b2338376b4fc81a7e87
SHA1

816f14dbb37b0f6bbf60541bf665e43c7dc2e410
SHA256

c2233ca7136cc0b6ed13e5d7f6aa05ea766bcbb60914d99ca51b333e44ab8b1d
SHA512

2ffc6165be49ae2214313f3e5c1159980f5cab363b745a35ed6d3bf2d1d504e47b4ac101adc269d382a75fe2bfccbe2b94aa6dca3c3d3d864cf291975838efb7
SSDEEP

768:KjUWxJJVxVIJngAN2aWQFuAPST9EIt5M4WRtchhYZJt9tk5KB7TYGXf3Vis:BCxfANT5FuwSTmI396yw5kOTYGXf3VB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
108abda7915e7b2338376b4fc81a7e87_JaffaCakes118

Files

108abda7915e7b2338376b4fc81a7e87_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

F:\Programs\Simple Programing apps\Programs I Code It\VB .NET\Fake Ransomware\Fake Ransomware\obj\Debug\Fake Ransomware.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ