ff7930b6eb73be72503f7070df2c4541_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ff7930b6eb73be72503f7070df2c4541_JaffaCakes118
Size

32KB
MD5

ff7930b6eb73be72503f7070df2c4541
SHA1

d06bfd8db048401678277f5b9e31677e588d36a7
SHA256

71f97c8e728ab0bc46a94dfb72a6f6cef9e41bea8cc17d935fe3b29c0b4ebd22
SHA512

d26e68416772f74947c8aefe2b5b3011d833b165d4d0d5628887f722467829d36ecd9fc2ba8b0e55f9cd22ab4ad91cf9e5d041d0328a36f232e2e749d7ce2568
SSDEEP

768:itL+lrNcSR13kN5c2YJbFHj5ZdPgpOPtc:itL+r6SR134a2WVoEtc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff7930b6eb73be72503f7070df2c4541_JaffaCakes118

Files

ff7930b6eb73be72503f7070df2c4541_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e2c86d878928ba53bdea158e8764939f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\Visual Studio Projects\Br\Release\Br.pdb

Imports

kernel32

ExitProcess
Process32First
GetCommandLineA
GetProcAddress
Process32Next
GetModuleHandleA
CreateToolhelp32Snapshot
CloseHandle
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetCurrentProcess
IsDebuggerPresent

Sections

.text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 274B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ