0faca8bb8612b12f610e4baf0d01becf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0faca8bb8612b12f610e4baf0d01becf_JaffaCakes118
Size

271KB
MD5

0faca8bb8612b12f610e4baf0d01becf
SHA1

0253d8760a2f59fdca1c9c147e669931dae7899b
SHA256

87be1699b0d775550ff6f183b032df1de0e3fbd42c413c66ace951fa7367f78f
SHA512

28b0280d74e7a109209d7c6e89f050288c16a33bea4fe072f9cd54dec7f10c43256ae5a66e5d957f5e74e8ae48ee61eb3fd4d51c011d9ad25ba44a0cec4c4eda
SSDEEP

3072:Q1ie15sspknn/dXfHOTxOmZcMTizYVWtzvKz/4cT9H1ie15s:e1WZfGxDVWtDK8cp1W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0faca8bb8612b12f610e4baf0d01becf_JaffaCakes118

Files

0faca8bb8612b12f610e4baf0d01becf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Marc\Downloads\PROJECT X\Stubs\crypterstub\lightstub\lightstub\obj\Release\lightstub.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 184KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 150B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ