40b0529b5870c3b8aae780789650ae56_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

40b0529b5870c3b8aae780789650ae56_JaffaCakes118
Size

528KB
MD5

40b0529b5870c3b8aae780789650ae56
SHA1

7e2d9cc57e2403f417dddf63c28bf4e6a4725cba
SHA256

628d8fc13617748530b5077657594ae4b541c2f0faa8cc0eb441431c8bec6919
SHA512

8ce9962e101f167eaed1c33d4332950763de066538569ed8f8b793c24740f92905ce79c29e7e64b508ba7244faf0d9fe629f5ae28192a93f867680cdcbeedf4d
SSDEEP

6144:mX/Jpfoax0qHe8ltsS1z1BixU7oG8gixvwrXs+K2eFbmKqA5p+1+GhOqSTEW4dJO:mvzw6zz/7o1gixvwrXs+KAc5whx30Xn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40b0529b5870c3b8aae780789650ae56_JaffaCakes118

Files

40b0529b5870c3b8aae780789650ae56_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Administrator\Documents\Visual Studio 2008\Projects\Project1\AvG\AvG\obj\Release\AvG.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 150B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 475KB - Virtual size: 475KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ