626a7d67f1be3dc0a4f73361466b9d17_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

626a7d67f1be3dc0a4f73361466b9d17_JaffaCakes118
Size

490KB
MD5

626a7d67f1be3dc0a4f73361466b9d17
SHA1

43550489cbd002d7a8a961be5da550fc5777f852
SHA256

0feacddbc8b524c19f7f6bd24e61e1cd733f2615f7a88f82722f5bbf45af8308
SHA512

6adfbc959d20ad0f112d44d7e51c6eb6da05a717c4f863fd09dbdf29a8fc392fcf4a40a56d3635f33dff22bb4c018b1cf0c3e2267eca127b7dd34c4ab1da73eb
SSDEEP

6144:tjUca5+gfpUOiI584eeD14ootXCCtaJppYWH/JskNAVNebTpl0DP:tYco+gunI24e2CEAWfykqVNeHLK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
626a7d67f1be3dc0a4f73361466b9d17_JaffaCakes118

Files

626a7d67f1be3dc0a4f73361466b9d17_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Drops Logger By Rapid\Stub\Stub\obj\Release\Stub.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 351KB - Virtual size: 350KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 108B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ