329871f953b1032e26b5040f2c702291_JaffaCakes118 | Triage

Sharing

General

Target

329871f953b1032e26b5040f2c702291_JaffaCakes118
Size

754KB
MD5

329871f953b1032e26b5040f2c702291
SHA1

b07fa6496e0633ff5154848c44dab8451fff5f0e
SHA256

0c9c134fd7df50d2aa3ce40eb7674de28f661297622f831b7d7061b99c015076
SHA512

0674cf4f8c049ce75b802314288caa0c6e0f682375cf8ac3df1742e9e559fc7c5fd26277bc5a5d0c20cdcc7d2aa91cc560a57edbd332985cefc013c9bd9eae10
SSDEEP

12288:tR27MPJw8cCa1Qd0m9rE6saBMMHI7vVystVKeyl+i9TisCtItlbjQDUtK3vpQU/a:tR2wBcHex5qpvrrFyl+iwyQIt2poMUtL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
329871f953b1032e26b5040f2c702291_JaffaCakes118

Files

329871f953b1032e26b5040f2c702291_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\=FIREFOX=DOWNLOADS\=.NETSkid\=Crypters\cr\stub\obj\x86\Debug\rc4.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ