6cdbc5b731d20de775a6da74162d69fc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6cdbc5b731d20de775a6da74162d69fc_JaffaCakes118
Size

184KB
MD5

6cdbc5b731d20de775a6da74162d69fc
SHA1

2515176979ac5c7045ff201b5534d1e0a576522d
SHA256

56ae76afe887ede32e0b36748f5a139ffe2ba92ef4eb04cb0646818b2333709a
SHA512

7800e62c78dca822bd8cde55fd9654eaa094236046ed60ce796a35c5d764e1308a961dd2eb7b2b0b46eaf2483e29602741fc8075a67ffc2a2d399703ff92b92c
SSDEEP

3072:juslBAxWwvknLHeOFQlxm2F8baRYX2NCancRu7AlSfFARPnJ+p4/y9/FUi/AA49a:juslBAxW6knLH7FQl5EEN/FUi/At9JN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6cdbc5b731d20de775a6da74162d69fc_JaffaCakes118

Files

6cdbc5b731d20de775a6da74162d69fc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\users\dell\documents\visual studio 2010\Projects\WindowsApplication5\WindowsApplication5\obj\x86\Debug\WindowsApplication5.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 179KB - Virtual size: 178KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 182B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ