f523c07e2b59f78fdab06486bb4130e7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f523c07e2b59f78fdab06486bb4130e7_JaffaCakes118
Size

5KB
MD5

f523c07e2b59f78fdab06486bb4130e7
SHA1

6aed39a3321d1cc512e299d74a16d6bbdd7b7db4
SHA256

1aa3ecca8faa21fd13556d977fa4b335740f4243978b3b12b2fab4fbac7cea2c
SHA512

484f79dc7825ca4cc27c383a2e634a7d55a1f0573cd90b859f407242c4a06a88780aef32424cb09c5e7c8439da63286f3c215f15726567495701a2458b261dd0
SSDEEP

48:6aWJ9B9PVoMRZTTY+Fh41NM9+QpKU05a01MnZUo5bLZsFtR8lcPIQFipfbNtm:MrPVRZTU+AI+sKrkZUo5RqPCzNt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f523c07e2b59f78fdab06486bb4130e7_JaffaCakes118

Files

f523c07e2b59f78fdab06486bb4130e7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\БЫДЛО\source\repos\svchost\svchost\obj\Debug\svchost.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ