f6ea8e0a857ca48af1037123a961e2c3_JaffaCakes118 | Triage

Sharing

General

Target

f6ea8e0a857ca48af1037123a961e2c3_JaffaCakes118
Size

399KB
MD5

f6ea8e0a857ca48af1037123a961e2c3
SHA1

c795f4b8eb82a706cd63871a584584f98f7b750e
SHA256

9ef3e972b6cea01dc3c45c3401712e12d68e34a59a377c03eaa6e88459e17112
SHA512

aa7bb8d2465a9e6c69e7761e08eac23e3b5a3adb623b3357de76a1e98f485943a59d5c634bb39937d71429b07ff45114d760c9e80f9deb744194ca27fd70c82c
SSDEEP

6144:idSQREz0ME/4IHrcJoMxqQJQK7VeFjtoOPuzC5N4JK0M:eROQQIHrcajIVCoOPVN4hM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f6ea8e0a857ca48af1037123a961e2c3_JaffaCakes118

Files

f6ea8e0a857ca48af1037123a961e2c3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Dokumente und Einstellungen\Carlos\Eigene Dateien\Visual Studio 2008\Projects\Cryptonix1.1\loader\loader\obj\Debug\loader.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 181B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 171KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ