31a42881f99fac904062a8529bbb0fa4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

31a42881f99fac904062a8529bbb0fa4_JaffaCakes118
Size

193KB
MD5

31a42881f99fac904062a8529bbb0fa4
SHA1

ce2c8dd782678c06d1ab7fd0e815eae0a4818c08
SHA256

e21a3807d2cfa5837e9617aad9b737cfefd15ac2a8619fac03f87a9a4de8c9a5
SHA512

62ac61ebb321b2eef0302188cd42368046b6e33a586c0c1cd0fad133c42ae4644e897b93d82182808990fd247a75111c1cff6568b44d5e228a1494971e9ed60e
SSDEEP

3072:U5/CTVPXTYyzrCJ+2tqLIACMYBL5CqtKeZb8rojsnIu+kEQw0TBKXWzx7LE8hAuV:yCBJbYtCaP8EjsnE+Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
31a42881f99fac904062a8529bbb0fa4_JaffaCakes118

Files

31a42881f99fac904062a8529bbb0fa4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\Projects\DocGenerator\WindowsApplication1\obj\Debug\AWRDocGen13.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 184KB - Virtual size: 183KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ