397d058fb581112a2cadf093761ec504_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

397d058fb581112a2cadf093761ec504_JaffaCakes118
Size

18KB
MD5

397d058fb581112a2cadf093761ec504
SHA1

6b94e097246fab91856ea8066aa38f929bf0cabd
SHA256

33a2fa860d532cf44116f3b0234c10c8a0f2da32181473914cbf03e5f7cbdae0
SHA512

265d0e981e6cbebc97335640abe3ddc51330d894109d998e46a8c47259def17e92ebee549ed37b81100aa2863f9ffd5dcc5c76b92175762edb91c6237f99a01a
SSDEEP

384:AC9TMqQfGMyf/9YlDDSRjk/gmUq99LB45lh4bNM8ffj8xDtT8g:39TMqQfGMlgkImUq9hexDxd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
397d058fb581112a2cadf093761ec504_JaffaCakes118

Files

397d058fb581112a2cadf093761ec504_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Al\Desktop\assignment7\Happy Temps Solution\Happy Temps Solution\obj\x86\Release\Happy Temps Solution.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 167B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ