8e0ce7beb8d3e880e0d3fd114885198b_JaffaCakes118 | Triage

Sharing

General

Target

8e0ce7beb8d3e880e0d3fd114885198b_JaffaCakes118
Size

25KB
MD5

8e0ce7beb8d3e880e0d3fd114885198b
SHA1

de4b05d2339620eddb9fcad0e09432a3fe1504b0
SHA256

00de8833e1b4dc57ef572142d651842571c71106af67ec92e5d2e979879a0e33
SHA512

e05c69a7353d28c018962cf337fe13ac66ec680185cfd06e61168f70da270e8177b8ab0fa3ad19db46a170d0759e23cb059aa431cbe4ba939350972afab6141a
SSDEEP

384:FXme4AgDJS8ra/87qpvIjpmSeGuX+0uPtlH8b7YvtCioPMFZA8PorvntQJT:FWbtDJS8ru87qFIqgSbKsP38/J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e0ce7beb8d3e880e0d3fd114885198b_JaffaCakes118

Files

8e0ce7beb8d3e880e0d3fd114885198b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Celso\Desktop\LiteHttp\Bot\LiteHTTP\obj\x86\Release\GoogleUpdater.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ