23dd7b4e4aed06f121a1f28e0a54c6c2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

23dd7b4e4aed06f121a1f28e0a54c6c2_JaffaCakes118
Size

22KB
MD5

23dd7b4e4aed06f121a1f28e0a54c6c2
SHA1

0b237806e72c675f4b19bf71c7a1cd55b6e5d306
SHA256

2d4a508b967cb142182f498b1fc5d7aa52be89e47b8c81d547a2783159f79488
SHA512

f10e023c12b6ea2f3191e5da582631036aca8acf9ed2c481a9e05df631368d20dd177d21faefcff3c63f24731b999982d7d5b56115a429ceba65ea1854540a6c
SSDEEP

384:qW9i0SbLQccPDIlIWYiSKLo45spQfk1qi2exGoC6V0WpW:V9i0SbL1EwLYJWqxGNMW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
23dd7b4e4aed06f121a1f28e0a54c6c2_JaffaCakes118

Files

23dd7b4e4aed06f121a1f28e0a54c6c2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Admin\Documents\Visual Studio 2010\Projects\PhysluxWormSb\PhysluxWormSb\obj\x86\Release\PhysluxWormSb.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 167B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ