68e05f32c339585c1d415c35d805245f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

68e05f32c339585c1d415c35d805245f_JaffaCakes118
Size

72KB
MD5

68e05f32c339585c1d415c35d805245f
SHA1

d6917a7251b868bf957c12b8f3c03640f55b79c4
SHA256

ed6398ae88f980ec67453283ae2087086f98236250e7fe1d071fa39d0b0f966e
SHA512

aee88d6406b8c7e6453fb236940adb25f0164ea53ee81256a30303610c4821bd47eac86aa5d2e795f700801c6d7f9b43f2ee1995de7caa80c5dd5b6ac02fdcb3
SSDEEP

1536:D3eJG53G73mxdvddLYh7TYOVZkH+qYPTkU:D32GhNvzYhNu+qKkU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
68e05f32c339585c1d415c35d805245f_JaffaCakes118

Files

68e05f32c339585c1d415c35d805245f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\users\marcio cruz\documents\visual studio 2012\Projects\WindowsApplication5\WindowsApplication5\obj\Debug\WindowsApplication5.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 312B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ