2a245065a17dbef68b0413e6b3597f89_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2a245065a17dbef68b0413e6b3597f89_JaffaCakes118
Size

611KB
MD5

2a245065a17dbef68b0413e6b3597f89
SHA1

d0a09f3c63839e1aaf53a19f8155d78ff1be7724
SHA256

96369533d6726e7d05b77de7e8c1c9c0b64267e6af3d228ae1eeb224dfe4478a
SHA512

6588ef1795efdf976137c09457572c0fa75d4bc89e2032963f9831f866a52790fd9427be66bd20c5cdb0c3789430728e829af81cca69b893d67496bb6e147434
SSDEEP

12288:CkCEkj+EW/KxnTt4DQTUbBIvUKo8NAvO8iMl/6MQgmuNskBV6GZw:yEvTKxTtFsBgUK320w6MpcqV6GZw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a245065a17dbef68b0413e6b3597f89_JaffaCakes118

Files

2a245065a17dbef68b0413e6b3597f89_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\ShiKzOo\AppData\Local\Temporary Projects\Stub_Bam\obj\Release\Stub_Bam.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 136B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ