0c7063612bbd47890f45e312c72ab3f2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0c7063612bbd47890f45e312c72ab3f2_JaffaCakes118
Size

261KB
MD5

0c7063612bbd47890f45e312c72ab3f2
SHA1

e604ceaa996d79a336cf3c6a7d6277ee5a2c09f8
SHA256

0d8cda1454c79535b332af3888cd09b7b99337ddfb440e3f4f025e8ef9f829a6
SHA512

e92059204c8b4cd0b61ab6244339697c16250051144fcb45d0c879d6b1f15c6e1d210f9cd8add78bb54b454b656471fb7b99051e74494d2f3264d65c5e59f571
SSDEEP

6144:5r86yDQkrNXVMLWnCQeRPEW4SdR1gVeSr11svL89kmqpA:5rDyDQkrjMLWnCHaWn+VeurDqpA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c7063612bbd47890f45e312c72ab3f2_JaffaCakes118

Files

0c7063612bbd47890f45e312c72ab3f2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Slichice\Hakovanje\[2010] Hakovanje\Ecryption\S-Norton3\obj\x86\Release\S-Norton3.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 141B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 218KB - Virtual size: 218KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ