3ab5b733a89700a394d7fdfe047d5fa1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3ab5b733a89700a394d7fdfe047d5fa1_JaffaCakes118
Size

634KB
MD5

3ab5b733a89700a394d7fdfe047d5fa1
SHA1

d5005c8d5fe0644e47af65e06f356b0c04643c6e
SHA256

06fd119a940627d04a07af1a07e6d9d9f1280c8cc00a7e4510d125cc3a9266e1
SHA512

cc17ba51cb0ef12e12d2d84523f2e1b2091daa16d9cf20d9dcdff46652c1ab8ed4337022f0bb9fd258b97e29c9aa4f98b41b04546eea1aa8d171fbbf9d31a3e2
SSDEEP

6144:cX6InKl+1hOhIKQJSICwk598K/kNkrpgWX6InKl+1hHuonBpNcHR5TXvQNZTy:cBchIKQJNnS98gkNkrpBBtBTG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ab5b733a89700a394d7fdfe047d5fa1_JaffaCakes118

Files

3ab5b733a89700a394d7fdfe047d5fa1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Michael\Dokumente\FileSystem1\Visual Studio 2008\Projects\Win-Keylogger\MPK-Keylogger\obj\Debug\MPK-Keylogger.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 531KB - Virtual size: 530KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 169B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ