08bf1298e2f023a954ce275a128cd062_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

08bf1298e2f023a954ce275a128cd062_JaffaCakes118
Size

120KB
MD5

08bf1298e2f023a954ce275a128cd062
SHA1

11d746e5156855e54370379333e5ce13b3a47491
SHA256

fe512e79f1f52c360890d8f51a5eb69f75d9296fde5225f5dc38a3b779bf5640
SHA512

e87fd4f24a0c34ea376d5004db9baed46bf43cff2bf3d6edea40df0e323755d73db6b00a201462442e7613fa85d5f3c62c17dbab14ba7b95f69b7cee0da4f124
SSDEEP

1536:9koVEZNk1YPnPdgMGnu3gskQJQ6MKNytoXi4nB56J3L8COag6OL4k:+cYf9Gn1QW6ly8lnfu3YBagLL4k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08bf1298e2f023a954ce275a128cd062_JaffaCakes118

Files

08bf1298e2f023a954ce275a128cd062_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\WindowsApplication1\WindowsApplication1\obj\Debug\WindowsApplication1.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 4KB - Virtual size: 129B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ