08163ead98e8ad7ec8fb1252e400e671_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

08163ead98e8ad7ec8fb1252e400e671_JaffaCakes118
Size

19KB
MD5

08163ead98e8ad7ec8fb1252e400e671
SHA1

4f60ba62acd03bfebc15f7feb2fb8903dfe9a124
SHA256

9800ca6f4fae827b93d70dda6fab5d6fdc07e0cc24c73e007b6021b64a895504
SHA512

c1feecaa7730d9e5f73a057410d5f4cd90a5c8c82bb739f30a9d482f0725c419f6b88a930c978fd97569b6aa468e5f27cf6619090e7492b2518f0066ce517cde
SSDEEP

384:YBpfji0+UCjlrnEvfJbnLf45GAJQfmG8jc3X:YBpfji0DCZDch/1A+X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08163ead98e8ad7ec8fb1252e400e671_JaffaCakes118

Files

08163ead98e8ad7ec8fb1252e400e671_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Documents and Settings\user\Local Settings\Application Data\Temporary Projects\Stub\obj\Release\Stub.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ