4b1db82e5b59c1a3be14bc17f51823ac_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4b1db82e5b59c1a3be14bc17f51823ac_JaffaCakes118
Size

90KB
MD5

4b1db82e5b59c1a3be14bc17f51823ac
SHA1

4a8d4b8bd0a9713d2d2b03153e319d788d4f9cca
SHA256

cba4aacb040417283aaaa4ea9026cb9f4b2ac4f6b75de6d1fa4e765092dc7807
SHA512

b108d2a2517c7561612790cdc36e16018d1806444f2639d929b0933003afb0c87ba30cefb3999d083eff46279df83556d59e1fbda5f45849aade8a9c40d89a73
SSDEEP

1536:vlo4wr9RIkG0adBj8xba/h1QuWIlGYIz+x4fOaBUf4mh:bOi02jhJDWIlBIz+ufOaBeh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b1db82e5b59c1a3be14bc17f51823ac_JaffaCakes118

Files

4b1db82e5b59c1a3be14bc17f51823ac_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\svn\din\vReveal\3.0\trunk\UpdateNow\obj\x86\Release\UpdateNow.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ