43332fb253862e0b674bc7b0d572a483_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

43332fb253862e0b674bc7b0d572a483_JaffaCakes118
Size

192KB
MD5

43332fb253862e0b674bc7b0d572a483
SHA1

0a91877b64ccbba624425e10c8d071bf3eb1c8b2
SHA256

5cc457e0188800369e9617055dcc5670c2cacd6c1038bf33748908ffa4b2d081
SHA512

67eb92f01167b1b755c6389b0c62008bb331ba9a2f2327bec8216a00d0e40f43ff759008027f27d1670e73e91b35f51ab397fabe4877db2480d6fdc010d19b4c
SSDEEP

1536:+wcb/ksnpkHbkFo0Z3f4wmfudB0ocQLxRXcb/ksnpkHbkFo0Z3f4wmfudB0ocQp:+xveAufudBJ9xRaveAufudBJf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43332fb253862e0b674bc7b0d572a483_JaffaCakes118

Files

43332fb253862e0b674bc7b0d572a483_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\William\Dropbox\VS Projects\Projects\IncognitoGone\IncognitoGone\obj\x86\Release\IncognitoGone.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ