ffd64c61ed2512edaa665fb9d5af7aaf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ffd64c61ed2512edaa665fb9d5af7aaf_JaffaCakes118
Size

20KB
MD5

ffd64c61ed2512edaa665fb9d5af7aaf
SHA1

0f148c0dbe0ca01e2ba276f6a4e5464b1fda0075
SHA256

66626718efb1bc294ca4154d634f0bc3bcf8a0aa5f41503d7aa582fb7920e9f4
SHA512

ff3ca9235f0a541d14f6205ca0e04320db7043380f86d54a1293351b97be602f08ca747572e959ede114a0d15fb8d988c4dcf46135ed5e5c2d2d117b69046de5
SSDEEP

384:2ZZn0Q8tKtxkFXv/RXxToBd2fXBzpuyYtB:298f5R1oBAXlpuy+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ffd64c61ed2512edaa665fb9d5af7aaf_JaffaCakes118

Files

ffd64c61ed2512edaa665fb9d5af7aaf_JaffaCakes118
.exe windows:6 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Digi_Dev\OnlineBackup\Verizon\SchedulerService\obj\Debug\OnlineBackup.SchedulerService.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ