f319fe9f8296a7cd73d1055027042e2f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f319fe9f8296a7cd73d1055027042e2f_JaffaCakes118
Size

30KB
MD5

f319fe9f8296a7cd73d1055027042e2f
SHA1

6b5b52e24f4627fed8e549fd8a30fd701a0621b6
SHA256

79824f5a95bc1a8401fa739e99ad0a387462041b575b68d84074c7ffce3d8005
SHA512

ec8029d995d623cf534c015af099d078084a7180cf9edf14aaff242856649f777b2a65a4e6ec317fb8d6daa5585e577aba948354bb88fa90a17cce37a537ac7f
SSDEEP

384:9fKxfm5QalBb8wDKVGcTJSZGNLk24jXPlkuoln+1/ZY5zGyHRetCRBVXVlh:kxvaLbfDWQY2XPE+6rllh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f319fe9f8296a7cd73d1055027042e2f_JaffaCakes118

Files

f319fe9f8296a7cd73d1055027042e2f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\users\masterhyp\documents\visual studio 2012\Projects\WindowsApplication5\WindowsApplication5\obj\Debug\WindowsApplication5.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 312B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ