61ae008ed1046826e77fef81e1293561_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

61ae008ed1046826e77fef81e1293561_JaffaCakes118
Size

20KB
MD5

61ae008ed1046826e77fef81e1293561
SHA1

7f31c35ca40ffd12a3b1be294b27577733616fa7
SHA256

1dd0dc56bd77d1353ae89c66e3e7fed9de65d45e99c66f19503148e7b6466095
SHA512

2c7a81f96e7898d7b27f52852d770b773a1837773f25e901ca8a50c26a940fd2ce52e1c0625505a54a30b17a6f9b1a488cf89d4ce2224dbe855d2adb649ba7f3
SSDEEP

384:6fUUYPwxP/SPEBCiPbswry0P8TdTh5Lf45sgDZQfW008JCfwhYLW2:LUYPwpkiG0mdTh9lgDUvI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
61ae008ed1046826e77fef81e1293561_JaffaCakes118

Files

61ae008ed1046826e77fef81e1293561_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Chris\Documents\Visual Studio 2010\Projects\speeds Injector\speeds Injector\obj\x86\Release\speeds Injector.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 173B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ