fb5f8411969bcd1ee257916bdb764268_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fb5f8411969bcd1ee257916bdb764268_JaffaCakes118
Size

15KB
MD5

fb5f8411969bcd1ee257916bdb764268
SHA1

a5ed7c3274b9d2003bc08891b64ff0af9af50811
SHA256

2830439dad14604dd307208c59827151245f6547b84861b1b76e3b7e09ac70fd
SHA512

381455e2c0440bae16fd52fb72aee1923b5e789509b8449e592dbffab633fc13a266558c6e8e61c69e5f3252c2494051b78d9b671c51ed9feb783f3a95a47f97
SSDEEP

384:rHF2U2ZtZcm9aJ32EvjYOWcXtxOMp+9rdV9Uf5tkSRHz6v:DwmvWcXtj+9rdVm5tFRTE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb5f8411969bcd1ee257916bdb764268_JaffaCakes118

Files

fb5f8411969bcd1ee257916bdb764268_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\soren\Desktop\file\PPPP\c++ get password 추출기\obj\Debug\ConsoleApp1.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ