221196ce76c700671f6a1e83a2911059_JaffaCakes118 | Triage

Sharing

General

Target

221196ce76c700671f6a1e83a2911059_JaffaCakes118
Size

607KB
MD5

221196ce76c700671f6a1e83a2911059
SHA1

8e0a6c6868ee5b571a5758673a29ee0ad8785859
SHA256

0d7eb10493eacdf4c86c83b3c4cfde8a950e50918ea461fa49ba5d420c1bf04c
SHA512

b443878a9bbff487eaa51458b5b1033cea53745a0e3ef33813854262266588458c83a402632fd3b15f3d1664af6186fe477ec695b95fe31b4d87923abb8b7d2e
SSDEEP

12288:WKqmpplpGoGL3etQoMiXM8gxf/Sj4yed0WJcI:1563ey8gZqj4yKJD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
221196ce76c700671f6a1e83a2911059_JaffaCakes118

Files

221196ce76c700671f6a1e83a2911059_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\Rocket Dock\Hacking Et VB\Nathan72389's vb.net source pack\Binder Example\Binder Example Stub\Binder Example Stub\obj\Release\Stub.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 190B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ