346046d2a5056eb163c1e5dcd134f9ed_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

346046d2a5056eb163c1e5dcd134f9ed_JaffaCakes118
Size

7KB
MD5

346046d2a5056eb163c1e5dcd134f9ed
SHA1

93eec484a9aa3708fc9f741092fa9c763de3a9af
SHA256

80606a8e901bf06698a632e56f9d44457fe13e7d2dfd3d22b14d5b84d33db52f
SHA512

862065652d69e71ba0c59be6035b48c6f1a3dfbf8fbeabb40d482d55aa3e24771ef4643f81904cdd3c55365616e9758d4f0403cc2ba62c469e529cb172444f1a
SSDEEP

96:082W53bbBYlnWzYZYBW4L+0Jd+JwhvRe5Kdw/2BF84zNt:p2W5r1YAsZYBDLJiwhvRebpa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
346046d2a5056eb163c1e5dcd134f9ed_JaffaCakes118

Files

346046d2a5056eb163c1e5dcd134f9ed_JaffaCakes118
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\Study\OSEP\Projects\6- Introduction to Antivirus Evasion\6.6.2.1 Exercises\Non-emulated APIs - CreateMutex\Non-emulated APIs\obj\x64\Release\Non-emulated APIs.pdb

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ