f1b03b691a795480094a7453171a07b4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f1b03b691a795480094a7453171a07b4_JaffaCakes118
Size

97KB
MD5

f1b03b691a795480094a7453171a07b4
SHA1

3f4e41b2a05ded13d82e373632230c3541cc5168
SHA256

e1063223dbffdee55e47dc82e9b80a99b98b92942eb62b56ed9a0057386cc45c
SHA512

25c7e7708f7defa824b9c39d25b1ce0a6c96be39431867902fc9f13e9f5b900455be7ac5910bf175b1c6831dac3dd26b70af41a60cb64d01cfe9dae88d452bc3
SSDEEP

1536:Dx1BY65+l44hJtR2+TZwFc76Y23j6FlMBaNbcVcAfoIO4fY/7CQIF:DvB7o7Rd9qY23j6Ta99f+XIF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f1b03b691a795480094a7453171a07b4_JaffaCakes118

Files

f1b03b691a795480094a7453171a07b4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Documents and Settings\Administrator\My Documents\Visual Studio 2008\Projects\reader\reader\obj\Debug\reader.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ