0c4b2dbd2ed791e7ea9ec7f06ebe6d52_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0c4b2dbd2ed791e7ea9ec7f06ebe6d52_JaffaCakes118
Size

1024KB
MD5

0c4b2dbd2ed791e7ea9ec7f06ebe6d52
SHA1

996f9cc902b022644230f965ece37718d0f71161
SHA256

d4dc7916db5ce5abe993827d30a51f1a630b8dbc352ec862e55397def49c3c69
SHA512

8e5ce2ef52362012e8be94fdd3792bb7b96b5f685577eada8b796c1489568e651d1dc70886c2e26da8754f960517b6fd9d8e55216282d6da8e33823c80e4fc95
SSDEEP

12288:I5thpzQApEYCEh2nt9OoCjFUb9T0sNOJen4weaCBsheZe2GZp62FgrAJ6WakaWY8:OYFEhyTO5gas4meZf4d/aL3z4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c4b2dbd2ed791e7ea9ec7f06ebe6d52_JaffaCakes118

Files

0c4b2dbd2ed791e7ea9ec7f06ebe6d52_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Documents and Settings\1337\Bureau\3.0\WindowsApplication1\WindowsApplication1\obj\Debug\WindowsApplication1.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 817KB - Virtual size: 817KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ