2516ddd5fa7daa5858b34da7147bab10_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2516ddd5fa7daa5858b34da7147bab10_JaffaCakes118
Size

638KB
MD5

2516ddd5fa7daa5858b34da7147bab10
SHA1

e2ae356072a5de051aa55cc1fdd7eac20e5e5aad
SHA256

691e170c5e42dd7d488b9d47396b633a981640f8ab890032246bf37704d4d865
SHA512

6bee4fa7e32efef88570ffae74d548e4073d5ee26f1951afd2148a6a911c55b157625ecdc0699600105c1a86e66062702d1cfc18ae1be8b0cff75014fb5f4e04
SSDEEP

12288:+L6hD2x/HAWbR2zS4sisO1A83u2BSDoCqKcSD+dkwvE2TPLCTYqYB:Y6uHAW92zt/sWu2BSMCqD9DL5B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2516ddd5fa7daa5858b34da7147bab10_JaffaCakes118

Files

2516ddd5fa7daa5858b34da7147bab10_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\Testing API\Screen Working\ScreenCapture 4.5\Screen Working Updated\ScreenCapture\ScreenCapture\obj\Debug\WindowHostService.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 636KB - Virtual size: 635KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ