187c8f74af19de9f81ac7d2d2ad62f5a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

187c8f74af19de9f81ac7d2d2ad62f5a_JaffaCakes118
Size

49KB
MD5

187c8f74af19de9f81ac7d2d2ad62f5a
SHA1

8e9d07ac64b15f23a65bec549f5edf99de2ce6e8
SHA256

1083121696130d9fc1b838da68a181ae8d6b082e9e860aa268e8bfdeb8f7b54b
SHA512

53e44e00cc5fa648fcd9c7d7d2dd27775b8b8c5f04595968c28338406cc8cd644c5a365ba19818907aff11c3596b486d6249b7faf23279f842cfc63d43639a11
SSDEEP

768:15vr4dOJRMWT898rrpzO7zMYCg1u7hhPU90TIY8GJHmROiqdktzT6CjDoOABc3Rt:15UgMLmrrpC7WVhPOROFdaT62yBwZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
187c8f74af19de9f81ac7d2d2ad62f5a_JaffaCakes118

Files

187c8f74af19de9f81ac7d2d2ad62f5a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\!'^AHMT!'^\AppData\Local\Temporary Projects\canbaz D3D hack\obj\Debug\canbaz D3D hack.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 151B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ