15e8ef65ea46f2a4d3f66d977116a53e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

15e8ef65ea46f2a4d3f66d977116a53e_JaffaCakes118
Size

28KB
MD5

15e8ef65ea46f2a4d3f66d977116a53e
SHA1

70e96f1903ab1025dfa8f6b58bdb3a1b2ec122d2
SHA256

d466d4cb834c804c78fcc8d18d488256d4a94ebcf19b266bddffe59750bd3a6f
SHA512

1b56714f8b12cdbd572f8f820b64e579a71722b91fe05f9e0211f05619ccef7b882cac69ae5df52ca2f4bc930b9d87ad0aad2312679e35c8d0de2eb8ca36c0b2
SSDEEP

384:jU9H/yo0u2acB30ZCULO45uQfrdep8rLedd:jU9H/b099BuCYSdd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15e8ef65ea46f2a4d3f66d977116a53e_JaffaCakes118

Files

15e8ef65ea46f2a4d3f66d977116a53e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Dokumente und Einstellungen\waldemars\Desktop\3.0\DummyTemp\WakeUp\obj\Release\WakeUp.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 4KB - Virtual size: 145B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ