fede16f11bfe6205d9f41a47c822bd2a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fede16f11bfe6205d9f41a47c822bd2a_JaffaCakes118
Size

1.5MB
MD5

fede16f11bfe6205d9f41a47c822bd2a
SHA1

eb6382dc746749cf7f15697ae41eb9cefb25c815
SHA256

3f878ef5fb0bfe64b0c1cf5fe7b34bdb77e949af887675d74c54fb0a1ff87120
SHA512

6fe9c097fde2f833db8a85e2ab1c4f9abb13c9d1ed3c623c3728b4115818d098e58857456110107780527ed58df6a36186ed6fc8ad33e7e3e64e4ce597755d72
SSDEEP

24576:XDPVohiQpu92/0r2Zj3YsDClQLRIq60ZBnSgnRQ/cqAv0NoB/y8RY:Xpohijr2J3Y2pLRID0XSkRDv0Nod3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fede16f11bfe6205d9f41a47c822bd2a_JaffaCakes118

Files

fede16f11bfe6205d9f41a47c822bd2a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\jguia\Downloads\sdada\Discord Rat Virus\obj\Debug\Mercurial Grabber.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ