ffcedb5be1a0cfcb71f5670a5f1bca72_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ffcedb5be1a0cfcb71f5670a5f1bca72_JaffaCakes118
Size

281KB
MD5

ffcedb5be1a0cfcb71f5670a5f1bca72
SHA1

5cf446825de8749eef2a4553cd9974add37d3a03
SHA256

d8602694538fc6ac4fdadc3b0197268e3824357aa4f7ee774118537ca42fe5d6
SHA512

e333ef9b4602d0843d7c9cea128c8175467495305bc92f7f15e848edfdf5a228cb090b050b4f091a866b3051b2aa0f763209cc53f4ce55e886ecf1712ccc722e
SSDEEP

3072:YjHIjOnLu8hJTS2h8baRwX2NConcRulAlSfzEPCNjj2BMShq3QH+Lk5NGdYfQpUa:YjgOnLVhmn+QhfeAx3O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ffcedb5be1a0cfcb71f5670a5f1bca72_JaffaCakes118

Files

ffcedb5be1a0cfcb71f5670a5f1bca72_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\users\admin\documents\visual studio 2012\Projects\WindowsApplication4\WindowsApplication4\obj\Debug\WindowsApplication4.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 312B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 180KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ