430b5b44a2a1224c552a6aa4ad6866ee_JaffaCakes118 | Triage

Sharing

General

Target

430b5b44a2a1224c552a6aa4ad6866ee_JaffaCakes118
Size

53KB
MD5

430b5b44a2a1224c552a6aa4ad6866ee
SHA1

4c648202768ee3fe3de51dc68f3ec46a79bdf2a0
SHA256

4300bb6e225a490a12a6a0ee57e3e2373a9cdf313fa4f37eeaab8461fd738b21
SHA512

a7881c78c44f7169aaa511abd416a7a1ed3a2189f1d574b0c7094173b98cbc97e0504373a41a822cceb7d60f388bd343ba1e290dbb6713f1da32fe7b23f8c4d1
SSDEEP

768:Xc3q2O17ei+XVur4B3HpW1A+KGsPyElyhE4mFBLokg6yH5Q6:M3q2O1tQVusBqsqEQE4IFPyZN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
430b5b44a2a1224c552a6aa4ad6866ee_JaffaCakes118

Files

430b5b44a2a1224c552a6aa4ad6866ee_JaffaCakes118
.exe .vbs windows:4 windows x86 arch:x86 polyglot

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Documents and Settings\loveking\My Documents\Downloads\pr0gr4ms\vb.net\CodeDom Crypter\insanity\CodeDom Crypter\obj\x86\Debug\234567894567834569056783432456782718318223832821894198239239299289.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ