608e69154f1c25af9b70f9a442b09b3b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

608e69154f1c25af9b70f9a442b09b3b_JaffaCakes118
Size

362KB
MD5

608e69154f1c25af9b70f9a442b09b3b
SHA1

9fc43cdfe854e30cbc4561f62c12ed390084eda5
SHA256

832943d67576d68bb20bf2e0f03e6c48cbc24e739584068dae175e4508299190
SHA512

117ed86cda75033019c4d234e33dcb0bb801cd1b12d95174e842633450149c49c8ddce5bcbb89bd4e2411c586b9f59d402d126bdc606e264ecf33d72d9000756
SSDEEP

6144:I7X+zqxt281to5EzqsH6kgz6Uau/jXqyjuKOyGmAVmT9uCQLVcRkqcaqNtE7Yc5D:envtLtwWKRkR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
608e69154f1c25af9b70f9a442b09b3b_JaffaCakes118

Files

608e69154f1c25af9b70f9a442b09b3b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\Code\Rogue Trader Generator Tools\RogueTraderSystemGenerator\RogueTraderSystemGenerator\obj\Release\RogueTraderGeneratorTools.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 293KB - Virtual size: 293KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ