fa76fcbe2fb4937c79a313b064db07ae_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fa76fcbe2fb4937c79a313b064db07ae_JaffaCakes118
Size

43KB
MD5

fa76fcbe2fb4937c79a313b064db07ae
SHA1

860733ff6b1cd013a4c79474a4986285a92aff4c
SHA256

bb6bf5a81e7ce35327253fa15ae76b9f32a2dfb7c0def1083789e9ea135c25ee
SHA512

6f462869872c1173a7c0c92b1a4bcb55c0d0338c1a3c547748e9b9d3a9448d335c0c138b95b29348b8b5d7b47d53b0cc3b40861075f2bb949884d6e0892530e7
SSDEEP

768:rLQ7Qn6x7VQmD+gHdRlLPRkAkQWmNIMLqhiPWoZxCCtxuxru:r07DV3RHLl73kAIMLRNmCqr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa76fcbe2fb4937c79a313b064db07ae_JaffaCakes118

Files

fa76fcbe2fb4937c79a313b064db07ae_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\TOSHIBA\Documents\Visual Studio 2008\Projects\cfFncEnabler\cfFncEnabler\obj\Release\cfFncEnabler.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 27KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE