30c7117f5d50183d515fbe242e0428f0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

30c7117f5d50183d515fbe242e0428f0_JaffaCakes118
Size

2.1MB
MD5

30c7117f5d50183d515fbe242e0428f0
SHA1

3993e680ae1e0576a9c2566a0735d0114f64f9d2
SHA256

b1c88ee755c5d356325f8331b405a8e2a536c5506b3894e1d67ec6ad429ec4a9
SHA512

e912f65fac7f8e22c9a5a8684ad0628688d440654abbd42ff05c4e2907d66584a3fa806924be9512a4083db3f8f7f1de89c8705f0a16eeb2d17d2b8997af2bba
SSDEEP

49152:aBzjtxBOp1B07sjsPEtd2znPrnIwuh0N8FBktS+X6:0bOp1S7sjXqnmlHkt+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30c7117f5d50183d515fbe242e0428f0_JaffaCakes118

Files

30c7117f5d50183d515fbe242e0428f0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

E:\c#\downloader\obj\Release\downloader.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ