3dc2e196a13db5623ad687583ae7087d_JaffaCakes118 | Triage

Sharing

General

Target

3dc2e196a13db5623ad687583ae7087d_JaffaCakes118
Size

819KB
MD5

3dc2e196a13db5623ad687583ae7087d
SHA1

3cf106e80f8fdc948e8f287f8206c8e9a007b47e
SHA256

843e4bec0d31f20d45c04920f5db0b5f1586f7292ca06be8ad64b6afb1fd3a2b
SHA512

e9d230ccff14922cca587836e8c42a34d2c5406a2ac93a7c1952ceaeaee6fa3b5315597f74d5e59c81bd5cccb35887166c384c455f685724aa025e440d9e51d7
SSDEEP

6144:WXNqYwgBTZGvi/vtvGhBO1Vq1DnrVZge7D+/Y3VEpNHKzWQyF86U1Gb:3SGjbX3MHdLU6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3dc2e196a13db5623ad687583ae7087d_JaffaCakes118

Files

3dc2e196a13db5623ad687583ae7087d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Users\user\Documents\Visual Studio 2013\Projects\ation44\ation44\obj\Release\ation44.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 817KB - Virtual size: 816KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ