089e90ce9096181a3684e167e273ce5e_JaffaCakes118 | Triage

Sharing

General

Target

089e90ce9096181a3684e167e273ce5e_JaffaCakes118
Size

232KB
MD5

089e90ce9096181a3684e167e273ce5e
SHA1

d75c7f8cab496d250b602f963d3c76e8321ccb0f
SHA256

8b1ba646d83c47cd6ef3e6b056ecf270ec3f69261a62a2b36f6c337920e36224
SHA512

2054240de46e0493b583400b0b87c3218a50b4b7412c4ccb5914591a243b50823a17cd1f44ee4a9390174943d6b1376e607922d9f4e00021b4ebf57dbf319406
SSDEEP

6144:wHnMBnF2HgBAABSJqp0FSrwpY9UyC7lAIjj:KnMBYHg0qKEcWUFVX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
089e90ce9096181a3684e167e273ce5e_JaffaCakes118

Files

089e90ce9096181a3684e167e273ce5e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Documents and Settings\QuTa!Ba\Desktop\stub\stub\obj\Debug\stub.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 183KB - Virtual size: 183KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 123B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ