47b73ad1c5b2a58a55dc6a89438b5f03_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

47b73ad1c5b2a58a55dc6a89438b5f03_JaffaCakes118
Size

212KB
MD5

47b73ad1c5b2a58a55dc6a89438b5f03
SHA1

0be4a66a2230d25a9b45f6a165094ba324463964
SHA256

0cee5b0250f59a838334d48900c6ae300932dc40d69de47666037515383f710f
SHA512

d2cc9c6fd52eda12fac7e88edd17aba05ef197a0a126ac5cd9e7cfcd470ed1ea265678de09e6d8adeb8a393d5d5c1b5d10031967464f5f88a2d1152b3a6af426
SSDEEP

3072:KnhDm2kC3yliP7rQxNsd2Fg32x0SDU+ToH9vZHPC5D47+0o6Ew3hiIeItr:DF6IYH4FQ2iSD90dvBPC5DNR693j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
47b73ad1c5b2a58a55dc6a89438b5f03_JaffaCakes118

Files

47b73ad1c5b2a58a55dc6a89438b5f03_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Documents and Settings\Administrateur\Mes documents\Visual Studio 2008\Projects\HadèsKey SE\HadèsKeySE - Stub\HadèsKeySE - Stub\obj\Release\Stub.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 207B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ