036bd3ab8da3e2e2cc0d0d8f6e090aaf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

036bd3ab8da3e2e2cc0d0d8f6e090aaf_JaffaCakes118
Size

504KB
MD5

036bd3ab8da3e2e2cc0d0d8f6e090aaf
SHA1

3a5a54e579e2ed4efe35a93f8b73c4e0a7d3f1ca
SHA256

162b7f39f81e3c76688781d53e48856aac58f1065d29183efb3c7baeb03aea35
SHA512

3d9775ef507a65771f7f8ba85c2bbc3bf173313f692f07895d3fe1029cdb0e837202a86f05f766cffaa7a91e1ed6da7452b9e79c4968b871ea212b2de799a2dd
SSDEEP

12288:FZntglrCmqZNWtmxM8cB5oF09SPg9T4I8TfIcI8BX:ztglr1qZNWv5oF09cg9T4ZVlN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
036bd3ab8da3e2e2cc0d0d8f6e090aaf_JaffaCakes118

Files

036bd3ab8da3e2e2cc0d0d8f6e090aaf_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\build\ob\bora-2305329\bora\build\release\apps\vnetstats\vnetstats.pdb

Sections

.text
Size: 196KB - Virtual size: 195KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 40KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.wtq
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE