389ea70bc344492e0a1bbb35e01b9075_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

389ea70bc344492e0a1bbb35e01b9075_JaffaCakes118
Size

317KB
MD5

389ea70bc344492e0a1bbb35e01b9075
SHA1

b3c173e36452afc1dcca0a8911bf4067a6cde20a
SHA256

7026ef971ff404b75d04e1e74272ba729444468c9e7c70e264ef3bb7dc16cb7a
SHA512

10cea91ae15aa5979da10c1c4f06b59544b8044ab813a4fbf243d9fa8fc05f58664d3249dae72ec45cd19e44e14e10ae87aeb6823faeeec0e4deb699c6d4a380
SSDEEP

3072:Z1ppM48Xn1ppM48X+73sqeUp+FS2ko+BZ+9cf7DoWgnTlhjY0iyfF2+ab5qFf:r/bO/bdyUpwko

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
389ea70bc344492e0a1bbb35e01b9075_JaffaCakes118

Files

389ea70bc344492e0a1bbb35e01b9075_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Documents and Settings\Administrator\My Documents\Visual Studio 2008\Projects\كلين\كلين\obj\Debug\كلين.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 311KB - Virtual size: 310KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 174B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ