2fcb3e34e3f7f0ae1111ec49feb8d085_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2fcb3e34e3f7f0ae1111ec49feb8d085_JaffaCakes118
Size

928KB
MD5

2fcb3e34e3f7f0ae1111ec49feb8d085
SHA1

91af7608401ac84105b4dec9e93f7bf8f3a8cd88
SHA256

42cac24b394f47a0f298eb75948de94991c7dbdee4b7b1631bc4513a386159a0
SHA512

8969bfbef4c1c0e4d8b6ac00bb03f6f31e0fbcefa40e74f3b7aac67a864099ca81c4ce0897d655ae45739d3735a30584da7cbc31bbe6d3de82b6e41ec2743df0
SSDEEP

12288:tojCBmsJ+L9c1gikPZQpISwa6jxcDHCKv0Q/vnKVdex70lqkOPSH/XdmT:YOtoBQpwgN0Q/vmlZ9fds

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2fcb3e34e3f7f0ae1111ec49feb8d085_JaffaCakes118

Files

2fcb3e34e3f7f0ae1111ec49feb8d085_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Documents and Settings\jhfire\My Documents\Documents\Crypter sources\ScanTime Crypter\1 scantime crypter stub\1 scantime crypter stub\obj\Release\ikkJt0aIGG6PbfxVrM.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 380KB - Virtual size: 379KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ