3f87a485381018c0656f8a1e7c765df9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3f87a485381018c0656f8a1e7c765df9_JaffaCakes118
Size

172KB
MD5

3f87a485381018c0656f8a1e7c765df9
SHA1

0aaa9df0a2e940b98ac57c8485a3bf05ac4aca8c
SHA256

57da68be9a93444f95777ee02826495523f4f52567699286153792caef973f06
SHA512

1506a38cdc142945e818a07e6f9a7390b67c79f584407b04fe6cfd49e95ab2d8f24199e0095aa913e7d9fac92c4ba4c2d6289bcced90fd8c41b23cae010972d0
SSDEEP

3072:9TlRuryH4wuW7JiS2bb6DFuVObseU3QL3uKoI:dXeyHUIsShpubeP+LI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f87a485381018c0656f8a1e7c765df9_JaffaCakes118

Files

3f87a485381018c0656f8a1e7c765df9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

X:\Kekos\Keylog\Keylogguer - copia\MultiColor Boombang\obj\x86\Release\Broker Click.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ