31918859bbf1ac102e239fa64bab2f62_JaffaCakes118 | Triage

Sharing

General

Target

31918859bbf1ac102e239fa64bab2f62_JaffaCakes118
Size

163KB
MD5

31918859bbf1ac102e239fa64bab2f62
SHA1

82cc4a87f4b965922cc49ea7e1225600a0b26b28
SHA256

8f7b221d21d4444a5706990a2ff0c0072ba1bc11a4885aa67490844136b3d236
SHA512

5cf810d9e93abbf45a6a3d9f683ba324e456c212d8016cf24f593362f8fa3c89ff4d5ea79bf40372579d89e469da0012ad30122ffe81a52075b4cc55bfed9b6f
SSDEEP

1536:HwmOdzs25qJVyNxsI9HHau2bOGVcT/S3oeBbvn/PQ:HOzBWUNfP2bOGVcTq3oeBj/PQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
31918859bbf1ac102e239fa64bab2f62_JaffaCakes118

Files

31918859bbf1ac102e239fa64bab2f62_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\FUD\mt4Plugin\mt4Plugin\obj\x86\Release\RSATokenServer.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 114B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ