3562aabbe46db587332707168f03ec0f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3562aabbe46db587332707168f03ec0f_JaffaCakes118
Size

699KB
MD5

3562aabbe46db587332707168f03ec0f
SHA1

d3fa5ad988a85c468898caa21a611093f8132dc5
SHA256

8649efe7d52996e536942e9645378626cf52d8e732550e26db0e1e34d5e3f0e0
SHA512

a206155e5a4fc34610d078daf155f9bc8c2b3f2c8b9579c689501db901da418680a189e8af03bf86807b20f638efec8ac59c6268e0b1a389c96468162f97f5e8
SSDEEP

12288:Pv4ncotVIhyHRBJn3zdUdKXWEqvWdUQej81QHRmT3vQr2r:cVIsL13zdUdsWEOWdUQeNwfQr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3562aabbe46db587332707168f03ec0f_JaffaCakes118

Files

3562aabbe46db587332707168f03ec0f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Administrator\Documents\Visual Studio 2008\Projects\e.m.p.t.y\e.m.p.t.y\obj\Release\X2adsVeGF.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 159B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 651KB - Virtual size: 651KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ