210bbd3db631a7d605d9f9f8825d6aa4_JaffaCakes118 | Triage

Sharing

General

Target

210bbd3db631a7d605d9f9f8825d6aa4_JaffaCakes118
Size

515KB
MD5

210bbd3db631a7d605d9f9f8825d6aa4
SHA1

4a2da06be51755cba68ee1ab8961ec2a0ff3aaa7
SHA256

644054ebb52a4e91f372275864a0dc074bcc6ec6e9bbf63d6e09d97c55d2c6ac
SHA512

84702239d942a0c443f2673329e9f9cb23ad6b611d18b9bb48bc3e426966b6fe86cef0324dfe1c8b5175d019cacc83bd87c0c6cc7afba8e1528df0ea95ffeaae
SSDEEP

12288:0ROs8VdcY3kpFVb3t27sX1oHFBXrAuvkr:3b2Y4t27sHQkr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
210bbd3db631a7d605d9f9f8825d6aa4_JaffaCakes118

Files

210bbd3db631a7d605d9f9f8825d6aa4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Documents and Settings\Admin\My Documents\Visual Studio 2010\Projects\Aes Stub\Aes Stub\obj\x86\Release\Aes Stub.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 172B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 363KB - Virtual size: 363KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ