4f35ac873a97230c69a50bc06fd750a9_JaffaCakes118 | Triage

Sharing

General

Target

4f35ac873a97230c69a50bc06fd750a9_JaffaCakes118
Size

36KB
MD5

4f35ac873a97230c69a50bc06fd750a9
SHA1

ade1e45a59fe0343cb7be26de680c80f7bab3519
SHA256

7f92427f427dcc9c8746f252d895e938107e94d6432028d7d4beae5523b56c8e
SHA512

64452c18ba544ad7c15d5cc9165c4886299cc64b72efa9f236b198c8f786ac9f1cfff53f5125896ad4d2dcd5039506f8406b4364fc693afddd547e1b80c5788f
SSDEEP

768:+yUXi87RgWVj4c0dGHl0QHyZLa2fed3dddddddw:+yUXi8tnj4rdI0QHIsd3dddddddw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4f35ac873a97230c69a50bc06fd750a9_JaffaCakes118

Files

4f35ac873a97230c69a50bc06fd750a9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Dahmani\Desktop\Cosmos\Update\obj\Debug\Extractor.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ