175b794e793b8be6702906dd16d4409b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

175b794e793b8be6702906dd16d4409b_JaffaCakes118
Size

198KB
MD5

175b794e793b8be6702906dd16d4409b
SHA1

d1285cafb45c5f58b23d66a9274717b4bbbb92e9
SHA256

7a46a19eef7d903ba769082e5a24a7b9e7cf9567fb24104b7331d14d21ab179d
SHA512

866e05f3059e7c2c6cbb39609b907c22af42650e3b593c5d5fd2afe7c9097ec5f4a56b9a853b71ddac31eb041a1bc7251b12b08cf3c19ddebbbe457853f16c9f
SSDEEP

1536:OxGexR/NwS8YF5Df9WkGtF1ol53jml3cplF9MLZJxexR/NwS8YF5Df9WkGtF1olq:YGKROS5fkMLalsplF9YxKROS5fkM0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
175b794e793b8be6702906dd16d4409b_JaffaCakes118

Files

175b794e793b8be6702906dd16d4409b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\FEDERIKO\Documents\Visual Studio 2008\Projects - 2\Server Undetecter\Server Undetecter\obj\Release\Server Undetecter.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 182B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ