2db67e059e734679850c6bea41eb2cc3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2db67e059e734679850c6bea41eb2cc3_JaffaCakes118
Size

847KB
MD5

2db67e059e734679850c6bea41eb2cc3
SHA1

1c6b5bbdcff5c7fd80107ce700710256eba71eb9
SHA256

2fc75a2aa887af7866f28bf852f208d74601f5e4e76515ca403e65e6a5ece95f
SHA512

601565f4136d6267763be30b5e493b65a67edf90c077f8e8c2c086896f128d9498ae58611804ce768fdc474931eb4f99f509f92fb23e6f184776f817e79e44b6
SSDEEP

12288:JYoyHDe2LduAhiScXRLv5b1++Ag0TQCWQp452IMIhiScXRLv5b1++Ag0TQCWQp4T:SjtLdNC6ZxWGI9C6ZxWGIH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2db67e059e734679850c6bea41eb2cc3_JaffaCakes118

Files

2db67e059e734679850c6bea41eb2cc3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Zak\Desktop\HackForums\REAPER\Stub\Backup\Backup\Backup\stub rc\obj\Release\stub rc.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 149B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 139KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ