42e19cc7fe5e01c6de65a373c5083589_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

42e19cc7fe5e01c6de65a373c5083589_JaffaCakes118
Size

103KB
MD5

42e19cc7fe5e01c6de65a373c5083589
SHA1

164d50c2533d8ee7a9e57d3d58ecd5034b9ae0bb
SHA256

d1cf3f640b752c803cbfb706c2bbfb1b22ae6453835789bca00d4712ed966965
SHA512

248206f7f276357d9a4e996069f388beea80ddaafbb5cd9af87e1f5aba395cff270655f7eaae740ebf0159fc076e1b42cc5e98191894c2a2652ac119a57e0342
SSDEEP

1536:GaC/VaBM8+gUiGCZQM7cZ7KGBYo5A8bjJtFJM8nZqBYqWz4l:wi3bUxCZhoZOGBU8bjbfjZqB4zS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42e19cc7fe5e01c6de65a373c5083589_JaffaCakes118

Files

42e19cc7fe5e01c6de65a373c5083589_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Bot\Desktop\VB Stuff\RSPin Gen v2.3\RSPin Gen v2.3\obj\Debug\Stub.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 131B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ