3fa75b0e6fe6edc8e3c06e2711d961c4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3fa75b0e6fe6edc8e3c06e2711d961c4_JaffaCakes118
Size

100KB
MD5

3fa75b0e6fe6edc8e3c06e2711d961c4
SHA1

0977c7dafc8eb31f9ed1664fc3c09ba11e3b7ff0
SHA256

14a0112c64def5816b7ebd4858e06f8df212b2e7c93f6d5cd626f015e6e9c2b2
SHA512

f67cd19741eb4a2b17e82bfcd4528de6d9b205c4b300f4d5402b0a462e83ab9f689e528ab69e23f46fb32606c2fdac3f8ab80499d057b240db62bb6c9084c6cd
SSDEEP

1536:Wn9syC76NZPcG9HR5mWVFcnx368nI/bknH9d9OLYwqOgDkaGvcEoGMZR1IWFt:Wn9S6NZPcuxBFwx7nI/QnHrJDTEgb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3fa75b0e6fe6edc8e3c06e2711d961c4_JaffaCakes118

Files

3fa75b0e6fe6edc8e3c06e2711d961c4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

G:\Users\Bryan\Desktop\iKrypter\Service\Service\obj\x86\Release\Service.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ