2ab70931739c029465d8f201cd6ad148_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2ab70931739c029465d8f201cd6ad148_JaffaCakes118
Size

544KB
MD5

2ab70931739c029465d8f201cd6ad148
SHA1

49db0da62b6332d2bbf3ba85ccfc9daef26c6f5a
SHA256

4b260d1760ed98f9b39627bd716aa1ca746ad276ef2d851cc53d11c4fec10219
SHA512

897b5349e25de73bd439217a7646f7243c2ba80d92ce23fa2d07fc7480f415685238ea1e79aaa48e0dc9989c59868d0588d1519d824d975f07fc98460a01c45f
SSDEEP

3072:nyIuBvIWJNLDGMfBxfYvpB1C6cr69IKSceY2hn8+Qivpl7rQxNDZw/NjZqMNMMFy:K3fdLYv306crLYFivPgZw/PvP3tqKfD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ab70931739c029465d8f201cd6ad148_JaffaCakes118

Files

2ab70931739c029465d8f201cd6ad148_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Daniel\Documents\Visual Studio 2008\Projects\Grieve Logger Stub\Grieve Logger Stub\obj\Release\Grieve Logger Stub.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 148KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 179B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 393KB - Virtual size: 393KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ