279ebda1f1afde19e77dea84b5448c5a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

279ebda1f1afde19e77dea84b5448c5a_JaffaCakes118
Size

9KB
MD5

279ebda1f1afde19e77dea84b5448c5a
SHA1

2904cca339a2bd8f652129030c996174f1b5fa4b
SHA256

45e87bb5a4c4c02939f81794cea09acea17ea9cd89eb97a2f9a59a256b025395
SHA512

21be00091489a6a71a1fe5c85c2dde0e862e6eb7ad781ffe15d49e419f42429eeca76230138bde1cb6bd95aa7e0d779e09d918d1f1eeb67bab8bb6edf2f8f3a0
SSDEEP

192:U3E+Al+6ldqMVRM1jODanWZ18L2CLiw6ShPzbOfous:UIf4M8p3nWZ18aCLiw6nt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
279ebda1f1afde19e77dea84b5448c5a_JaffaCakes118

Files

279ebda1f1afde19e77dea84b5448c5a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

E:\VisualStudioProject\checkVM\checkVM\obj\Debug\checkVM.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ