4c27d7eec233f8e7cd525e88233dd1bc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4c27d7eec233f8e7cd525e88233dd1bc_JaffaCakes118
Size

141KB
MD5

4c27d7eec233f8e7cd525e88233dd1bc
SHA1

8f0f60231c48ea9d89af01b33b4c392dafe94b9f
SHA256

a83eeadc27dfed24d99985bfeb07e7256bec4a290032ba3c7ae0b63c998a7bec
SHA512

35926147d9b60b9c944d70dd9214889eb9a587b76065a23de428bfc08acd8506bd1a9e5564f46f73e0b3b9cce8916c294e117a7d91c21af5082a2276b37f6ea3
SSDEEP

3072:vT8Vu/YZyzc92XgBaLEFePoJCDMtTUdDig1gB3Oqa5P2/9+yGSn:4Vu/YZyzc92XgBaLEFePoJCDMt0DbLqV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4c27d7eec233f8e7cd525e88233dd1bc_JaffaCakes118

Files

4c27d7eec233f8e7cd525e88233dd1bc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\Programming\c#.net\Projects\Gh0stSource\Gh0stSource\3.0.1\explorer\explorer\obj\Release\explorer.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ