2938e08fe01384fb3995cff234958fbd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2938e08fe01384fb3995cff234958fbd_JaffaCakes118
Size

16KB
MD5

2938e08fe01384fb3995cff234958fbd
SHA1

b4cd72602722b7a9b30d3664180a42089304d17c
SHA256

48fd1f13a00b25bc7b8c513d28d2e1b34b170680803db32f61c704abc8877ea5
SHA512

2169d30c3abfc6d0dd38bba13cd0af1e6ed1824785d5e86a0535250c6ac4243ceda59f115e61c4c30c5c908aff3fc3180d5279bf2d927d7c9312ebd97a0abdec
SSDEEP

384:wvP96u3S47dY4X++9Lf45aQftH8QVP5faH9:F47dY4zhMP5m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2938e08fe01384fb3995cff234958fbd_JaffaCakes118

Files

2938e08fe01384fb3995cff234958fbd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\dot.net_project\BELAL\TestAppForInetConnect\bin\Release\downloader\downloader\obj\x86\Release\downloader.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ