2664138cbeb99762f52c9e5f7440b265_JaffaCakes118 | Triage

Sharing

General

Target

2664138cbeb99762f52c9e5f7440b265_JaffaCakes118
Size

869KB
MD5

2664138cbeb99762f52c9e5f7440b265
SHA1

26fde4ca8a910f088d8e8e22fd9e9c3bd4243b80
SHA256

2e920789889d7662dff67461166763006b16477322d28d166db3a9bb258aae11
SHA512

1eecc8428498b6af0b2ae5c76df62fc3cc2e6670f5768c129a2124c79f04418bab4ad821ee682663ffaf2f14bf53a7e9f27c383dcb127319b6d2e4de3b08546d
SSDEEP

12288:CojC1niH2MD/kg1CDYSovBf0B9LJAVtLFWDm4+auIPrF82Z5WL:aixDkg1IY5fQEYDtN3LWL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2664138cbeb99762f52c9e5f7440b265_JaffaCakes118

Files

2664138cbeb99762f52c9e5f7440b265_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Documents and Settings\jhfire\My Documents\Documents\Crypter sources\ScanTime Crypter\1 scantime crypter stub\1 scantime crypter stub\obj\Release\ikkJt0aIGG6PbfxVrM.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 380KB - Virtual size: 379KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ