2c49d8353e59a4d1fef52a7ce52113a4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2c49d8353e59a4d1fef52a7ce52113a4_JaffaCakes118
Size

1.2MB
MD5

2c49d8353e59a4d1fef52a7ce52113a4
SHA1

9dbc32fa3533d11a3efaad17a4a0849258353c7a
SHA256

85ac9fa4f3f751806d03eaae478c2c07ce20dd31fea66aaace29becda4eee9b4
SHA512

aea8d65aa7fcf848dfdfa1cb27345fc6c4c8ed7d4b758a9ebf27bf0d83641893cc7fe6a7389e85f56598362a77e6ee3d2c1b354e5508fc5b978a133f7cf3ca73
SSDEEP

12288:owYEMLjHOGDSaJOF4bpf4q0+0Tm4QmOe5/iG9suncIH7zoBnUYehT:oDaGWaI4bmqP0FnOU9hpfSqh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c49d8353e59a4d1fef52a7ce52113a4_JaffaCakes118

Files

2c49d8353e59a4d1fef52a7ce52113a4_JaffaCakes118
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\Visual_Studio_2012\Projects\N_C_V\Release\N_C_V.pdb

Sections

.text
Size: 419KB - Virtual size: 420KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 186KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.bl
Size: 332KB - Virtual size: 332KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bp
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE