7f0f35c50f67a8a383dfca21d12780a2_JaffaCakes118 | Triage

Sharing

General

Target

7f0f35c50f67a8a383dfca21d12780a2_JaffaCakes118
Size

564KB
MD5

7f0f35c50f67a8a383dfca21d12780a2
SHA1

5b8d4cbd1393b3bf156ed731102bb7f737dc632c
SHA256

470153e2955821a4063f2645f5eea53551c28d2980cb2f34b236e4b14c0cd289
SHA512

0f5d584e43e33de05a62aab7ee6c72dbb0eee1d82fb342fa569bf32d7aeb0c761c462835939d826e1b3dcb3ebe725be6480276a964d7aec5f49cb0b00521743b
SSDEEP

6144:eIwsII3emtkVXCMbMgotROuV8U7gXCMb:dxveCMAlCU7GCM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7f0f35c50f67a8a383dfca21d12780a2_JaffaCakes118

Files

7f0f35c50f67a8a383dfca21d12780a2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\DevSrc\KGB_Perforce\Framework\KGBLS_Upgrade\obj\Debug\KGBLS_Upgrade.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 456KB - Virtual size: 454KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ