1800f333a4df0a8e6957eb994c06ca2e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1800f333a4df0a8e6957eb994c06ca2e_JaffaCakes118
Size

157KB
MD5

1800f333a4df0a8e6957eb994c06ca2e
SHA1

2a00e85d87751235e89d1a106b8bad086736403e
SHA256

c2b4051595cec263ab81295316172b35a9c1138abe81b84ec400f89acd00aa68
SHA512

5205827959e04d89147abdc3e65c53118c901447e192b0eab28e0e1bbdffe2ca9fe87d8360bce5937dbb84315c2f837b5589d5b613d19fc304940041c2f8f321
SSDEEP

1536:kKPW1dmJ8qYDyL9y1Rb/JNajXWE9CfDk3ku87im60+:kKUdgzZE1B/JAXxCbw87imL+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1800f333a4df0a8e6957eb994c06ca2e_JaffaCakes118

Files

1800f333a4df0a8e6957eb994c06ca2e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\Program Files (x86)\Z8Games\mlang\Aim\Undetected\obj\x86\Debug\Loader.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 129B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ