14b1165fb8a26848876f588d6d310391_JaffaCakes118 | Triage

Sharing

General

Target

14b1165fb8a26848876f588d6d310391_JaffaCakes118
Size

22KB
MD5

14b1165fb8a26848876f588d6d310391
SHA1

171dcfbc47d90792703088395616fb90dc3fee01
SHA256

95ef968fab8ea67d543dd49351eecb29eeae529a9eb5c8ae084624c8c752ff2f
SHA512

a234a12fefd9f1920eaafdc8827886a2562b1bbe9b47bca9eb7a975abbf98ff08a6ec1a5fee6b1bcc02ca9afe0b2aa4dd44d81f9ac859577d1653473b4576394
SSDEEP

384:gd/RlYfRL57ZGZWYTQt04ML724jcyf41+dN7Jq+9Wsngi:gd/3Yp17ZGZwtLgBcu59Xf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14b1165fb8a26848876f588d6d310391_JaffaCakes118

Files

14b1165fb8a26848876f588d6d310391_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Roby\Documents\Visual Studio 2008\Projects\Web Browser\Web Browser\obj\Debug\Web Browser.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 154B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ