c84545e9241b504116c18c4517d458b4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c84545e9241b504116c18c4517d458b4_JaffaCakes118
Size

9KB
MD5

c84545e9241b504116c18c4517d458b4
SHA1

e024e8a56199b5d3c5988b909e3fe0df4f45e746
SHA256

ab245119930e53edbcf9f170a946893d72093679c94216cee68ad2512b0a7fbb
SHA512

0b3fec1533ce10597fe83dc8465512cbd3c84609900156df08ffe84a54d4e15f62dda6e5101bd35b222bc4c5d31877508e2a4a1d9b1070a25afcdb3f2aaf8911
SSDEEP

96:WKERc0/XxSlDo3ZxCMXW16fsPC8+GKkBLiWWs94OOTlOUp0aNjGxdRzNt:WKJ8CMCuOXPCPGvBLiWX9VOayqp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c84545e9241b504116c18c4517d458b4_JaffaCakes118

Files

c84545e9241b504116c18c4517d458b4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Administrator\Desktop\Orcus-1.9.1-src-main\Features\Orcus.Golem\obj\Release\Orcus.Golem.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ