48183e557fe288b0f9dbd9cba0e55539_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

48183e557fe288b0f9dbd9cba0e55539_JaffaCakes118
Size

222KB
MD5

48183e557fe288b0f9dbd9cba0e55539
SHA1

9355a43dd59d6f1805f2fa7798974f381c03855f
SHA256

395e5d654f6466d3589d7190502c016c0dc6e75ab3614329bec07c246f7ef6c2
SHA512

77379f56ff07efded8583712c92bb023df83fab1a85ea4a3ca721f8d243a73f537c65cd726f6ce9f5671f44ecc930ef9855e31f0cd215be6585c14222f837619
SSDEEP

3072:diM9KuVPEhjHNRC6xUdy2G3M0SIOFVvaYuKjNQVprxSFcmPCQZLiqHx9dvzK:dip6EBtRC6xyy2G88zY6LEP1vbK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
48183e557fe288b0f9dbd9cba0e55539_JaffaCakes118

Files

48183e557fe288b0f9dbd9cba0e55539_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Documents and Settings\mouad\Bureau\sexy.pdb

Imports

mscoree

_CorExeMain

Sections

.rsrc
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ