39d3706560f4e123600b438db281a9f1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

39d3706560f4e123600b438db281a9f1_JaffaCakes118
Size

160KB
MD5

39d3706560f4e123600b438db281a9f1
SHA1

45add15dbde6d7103cd62dca7ab0fb4646b2859a
SHA256

763e66c5612a886065154921c0484083602762f777df8febdd13c189b425528e
SHA512

67a5998856b7587e49eaba828108bd47e4e238f9f603eeb0100fdb8e1ced3ffda8e73a8f877aa34e1419a2d30e493d766a2c16b8e71f5117ccfa34be69c3c879
SSDEEP

3072:FDDGIF095kF/32GhNvqC7yxw453uG4z1qhN/+XqzMnuW88gsFaW:XN2GhNiCKWG4zghN/+XQMuW88xFa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39d3706560f4e123600b438db281a9f1_JaffaCakes118

Files

39d3706560f4e123600b438db281a9f1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\salah mahdi\source\repos\WindowsFormsApp3\WindowsFormsApp3\obj\Debug\WindowsFormsApp3.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 157KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ