f5a995829003dcd2ee5dc5adba1c0ef3_JaffaCakes118 | Triage

Sharing

General

Target

f5a995829003dcd2ee5dc5adba1c0ef3_JaffaCakes118
Size

376KB
MD5

f5a995829003dcd2ee5dc5adba1c0ef3
SHA1

af19f7825662fb91feb23f0fd263892e78e7a31b
SHA256

9413f7f8859ef6c1cdb503c2e9a6024a3f19a54cac1db0ec096c6ec79e173eab
SHA512

7bea118daa737ca99647f801f6fbd61e7022e6aaea5c9c60f242af1e8697443fc8331570d29c23aca21226dd24af58c6278a89a717fad78c831b51c060751818
SSDEEP

6144:Qv0aIIeONhHsCYCEiOuNoebhHFFAo3Tq08YbWOksvjQLcpk9pvEXCl3bl:Qv0aVnlsCYCVlFFdjq0lb/k29krD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f5a995829003dcd2ee5dc5adba1c0ef3_JaffaCakes118

Files

f5a995829003dcd2ee5dc5adba1c0ef3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Users\Federico\Desktop\ProRat_v1.9\.-..pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 364KB - Virtual size: 363KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 656B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ