501752364bd380baca5eb53fd3426345_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

501752364bd380baca5eb53fd3426345_JaffaCakes118
Size

795KB
MD5

501752364bd380baca5eb53fd3426345
SHA1

104307d06484e7f204f8e583ab3c6343e37294d2
SHA256

bbe4478ac1b55569e75677255542b21371b6c0fac6b964eda766135e0e17bcbd
SHA512

a3928b5fc6b726db4708c35f34c9263ae2d6048dc8f5fdce618217c7b4403830b4db00e6dd6bec0dd1c156933fd29175a3cb11d9c7a9656302fded4e7ca907a6
SSDEEP

24576:bBAVhm5CuPjF0nDPTXU+wFvX92/z0WGy08LKRi5L6kLsLNL/Ic04tgop0uxOLzgn:/p0nDPTXU+wFvX92/z0WGy08LKRi5L6T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
501752364bd380baca5eb53fd3426345_JaffaCakes118

Files

501752364bd380baca5eb53fd3426345_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Herdman\Herdman2020\Herdman\Admin\Administrator\Administrator\obj\Release\HerdmanAdmin.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 781KB - Virtual size: 781KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 312B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ