63184a1cc0e25c61c9a3063510c017c5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

63184a1cc0e25c61c9a3063510c017c5_JaffaCakes118
Size

31KB
MD5

63184a1cc0e25c61c9a3063510c017c5
SHA1

4e304b4850abb3e7eb31275455f5e2c383f66646
SHA256

6a59f2109090b63b9b86464a194d361c616922e156069b293ebe27f65c74fd99
SHA512

6b53116e06dba75c060ca982ae972502da65feadd48934f93e9944478d4871bfc919eb9d5b0b34c078cdaa2d7ba854321ab15999da34a960fb0ab28d19745ba4
SSDEEP

384:jfk5DoN6fxlP2AJLHTh/MqCxeh4ASdjhYXC1XU/wQq0dup21+iLk24jXPlsWHXy5:YpC6w+FSdaXCk/9lup2Ee2XPuWHcX8o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
63184a1cc0e25c61c9a3063510c017c5_JaffaCakes118

Files

63184a1cc0e25c61c9a3063510c017c5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Farouk\documents\visual studio 2010\Projects\INJECTOR\INJECTOR\obj\x86\Debug\INJECTOR.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 151B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ