4cf904cd81af3ebdee1266ed9ecf89b0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4cf904cd81af3ebdee1266ed9ecf89b0_JaffaCakes118
Size

280KB
MD5

4cf904cd81af3ebdee1266ed9ecf89b0
SHA1

778d28bb47fa8c3eee798323b33180ae744d5efd
SHA256

0b9f0fca62a6fc035ad2a569f6b725ec2b5b86dd1400fc02f40f8b58d271cb7b
SHA512

9d6ab8045baf509e78de8ee21ea1ce87fc6d3d9a36a1a21b07d3c2cc6a4dd6a7dc3b081306334aa9d5af7dc41e76e2b85d7eb4118daaa09b57d44e3dcc2d75ec
SSDEEP

6144:UaEnaVmJPFkqgcoRXGQwYIlPeBrniFGCzAB5FHQSvx3l:BEn+mJ9V22Q7IF1FfzAJwSv/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4cf904cd81af3ebdee1266ed9ecf89b0_JaffaCakes118

Files

4cf904cd81af3ebdee1266ed9ecf89b0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Fabio\Documents\Visual Studio 2010\Projects\UNREALS TAB INJECTOR\UNREALS TAB INJECTOR\obj\x86\Debug\UNREALS TAB INJECTOR.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 273KB - Virtual size: 272KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 186B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ