e73e4fb9bc78473b8e8d9d4051cd9380_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e73e4fb9bc78473b8e8d9d4051cd9380_JaffaCakes118
Size

497KB
MD5

e73e4fb9bc78473b8e8d9d4051cd9380
SHA1

5f8bede50681a504e232d9cf0e22c44c54e96cb1
SHA256

bb1ab7a145e7c7b78750e24b879c8382e7186fcd26d0f488487ec7a66cf41481
SHA512

c7054fd0cbc80206e686804bdd149e1cf8bf1149e7254e3555228894c0236690fc3a30b00512de93b112ffd5fb4828eb837f6ff26835e471e641ff4fad98c119
SSDEEP

12288:bwuTLnVonZaoeD2Zc5WJjNViioW4Iv/qyvNek68I/3:MuTLn6ZjeaZc5WJjCWHvCye8I/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Swift Copy.exe

Files

e73e4fb9bc78473b8e8d9d4051cd9380_JaffaCakes118
.rar
Swift Copy.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Administrator\Desktop\Client\Temp\QSBPrkCqQB\src\obj\x86\Debug\SharedI.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 863KB - Virtual size: 862KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ