4737889f265f670a780351722ca3023f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4737889f265f670a780351722ca3023f_JaffaCakes118
Size

134KB
MD5

4737889f265f670a780351722ca3023f
SHA1

ca77d22f478d90fc464d87473e417abb5cee67ac
SHA256

90d9589a0fe1207aa168b6e1d68a4927958ea8a0ca9d0ebfa02ab157d63825dd
SHA512

da6ac4bdf0585d2bda89c309147ca95f72f9d39a2868ec5d13c9f350c373950458c57f645a7e8447f3486692b0f4d8d6a3347bf69bab443e6ffc1bbadc409f46
SSDEEP

3072:HddmXi8NS1xEdGFqRwlWhPVuDCcgDLwm8achwL5pc8J3iN2hgw:HdGiy60thduxm1h5pbW2hg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4737889f265f670a780351722ca3023f_JaffaCakes118

Files

4737889f265f670a780351722ca3023f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Caraed\Documents\Visual Studio 2010\Projects\TahCrypt0r\Stub\obj\x86\Debug\Stub.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 145B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ