14e33f2cd806029aabf226d37dc02459_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

14e33f2cd806029aabf226d37dc02459_JaffaCakes118
Size

53KB
MD5

14e33f2cd806029aabf226d37dc02459
SHA1

1f5a08431a8df68fd81025829415951d43906d60
SHA256

2875abb9687e0da54ed0116abb8be29d85985fee3a4ddb38b5a4231cded64b67
SHA512

7894fcf61c4abd73539d7e8065a7d6f20be0825994e11fe63049ec65564277db6d7fe71c6757b19e94be8d5f7c748ba3b1450d38c2b241cb1cc5993efddb6048
SSDEEP

1536:aYoxfN5CGBTJxJ79YxzvFhefveFgzh9FtmD+Z7V:aYCas7J790qFtmDIV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14e33f2cd806029aabf226d37dc02459_JaffaCakes118

Files

14e33f2cd806029aabf226d37dc02459_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\Current Crypters\2012\WindowsApplication1\WindowsApplication1\obj\x86\Release\services.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ