0cd0fe20ca3d7fbb06773d5ee73d6b70_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0cd0fe20ca3d7fbb06773d5ee73d6b70_JaffaCakes118
Size

957KB
MD5

0cd0fe20ca3d7fbb06773d5ee73d6b70
SHA1

b46073549b88f1fcd297bbf54300f64ac3934d56
SHA256

83ebd3ae9cb9c4397ba77361eba7ae0114f0471c5174333bbe484b3b1f99d40a
SHA512

331c60ffc48a9b27538b92b65ae8f2b6cc48a820021b727c99d7dc25da98e92c0a11a77db16c30224b1bb70f272b3a7e3868ac8d8954df83fe79ae5c8054c2d4
SSDEEP

24576:wNURDxcXpTnh7W4ac+cG6wwpLC/vYmi49:wSNx4dI4adTYCBD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0cd0fe20ca3d7fbb06773d5ee73d6b70_JaffaCakes118

Files

0cd0fe20ca3d7fbb06773d5ee73d6b70_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Users\magic\Documents\Visual Studio 2013\Projects\Pc doctor\Pc doctor\obj\Release\Windows Scan.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 857KB - Virtual size: 856KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ