171a4de7a6f46917a7557e712e2f533e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

171a4de7a6f46917a7557e712e2f533e_JaffaCakes118
Size

24KB
MD5

171a4de7a6f46917a7557e712e2f533e
SHA1

a2e1feac5baba761762bade4a3043e4cb198ab05
SHA256

86adf824442a2145ef870613f5ab28671ad5520b425f57942536683a38014718
SHA512

1686a93135321dac76345ec8204768c818dedffe5dcb205f41c696fa044844e273387ba84041d8a800c8e38f873ad888017cd99f3b6f85707c093c0f16e2091a
SSDEEP

384:Nvo96uTvP96ujnurHbEbZcLK67Adc+nfVB8L724jcPl/uD/1+dNOEWsca7/sh:KnZcK67AdcUPQBcP9uDq0h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
171a4de7a6f46917a7557e712e2f533e_JaffaCakes118

Files

171a4de7a6f46917a7557e712e2f533e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\pro_ak_47\Desktop\THCStub\THCStub\obj\Debug\THCStub.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 117B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ