7487534ac2d066ffbb916331928aabce_JaffaCakes118

General

Target

7487534ac2d066ffbb916331928aabce_JaffaCakes118
Size

72KB
MD5

7487534ac2d066ffbb916331928aabce
SHA1

ab4da3084b6fda9b5b9de2967ceb1d30e1c9756b
SHA256

ddb44ba27b92fe1cc167b4d5eac26825672707763237026e22d8b41f4fc28cda
SHA512

512c9db2a5b213d0dd046b13de7edc1dbc9f3ac8b3870fbceb9cfa010e21d6a0a1fb55e0e3d505f9d57116eff24bfa61815f8215937a2ab9e7a081705dd663ee
SSDEEP

1536:N83ksdB1tvPL/KJ6dYxgp7GRY5D5p6JW8T5UEMJiApEsdC:C3RX7jxXEuFp6FT51MJv7dC

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/GramMarly Conivars [SoftWare].exe
unpack001/xNet.dll

Files

7487534ac2d066ffbb916331928aabce_JaffaCakes118
.rar
GramMarly Conivars [SoftWare].exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\gamro\source\repos\EbayBruteForce\obj\Release\GramMarly Conivars [SoftWare].pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 162KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
xNet.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

E:\xNet-master\obj\Release\xNet.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 940B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 162KB - Virtual size: 161KB

.rsrc Size: 101KB - Virtual size: 101KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 99KB - Virtual size: 99KB

.rsrc Size: 1024B - Virtual size: 940B

.reloc Size: 512B - Virtual size: 12B

.text
Size: 162KB - Virtual size: 161KB

.rsrc
Size: 101KB - Virtual size: 101KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 99KB - Virtual size: 99KB

.rsrc
Size: 1024B - Virtual size: 940B

.reloc
Size: 512B - Virtual size: 12B