65acacbe6522c35e9a9df1e842ceb4f3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

65acacbe6522c35e9a9df1e842ceb4f3_JaffaCakes118
Size

662KB
MD5

65acacbe6522c35e9a9df1e842ceb4f3
SHA1

ecebccec4b8acd35d6c59b797ffe1e2e49c64595
SHA256

679ad885c7e7cdf04d34fdbaf99cd10f56cb8e9947363f01b0fb999da9bde800
SHA512

dc910ab0cc5c3f89e77c0c36a050ebbd123a3c99dcb9ba88f9374692e0727d81a7c7d1a4b4a16a4e412af2fd8f09b1cc83130b5c439e84693a97e32a2bbe4745
SSDEEP

12288:dyNc7qrk7CZSD0dipqkMuFN2AWblazKzWaO0XKVsy26s:dMUrksq5uoxQVu36

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
65acacbe6522c35e9a9df1e842ceb4f3_JaffaCakes118

Files

65acacbe6522c35e9a9df1e842ceb4f3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Documents and Settings\1337\Bureau\src 2.2.3\JUpdate\JUpdate\obj\Debug\JUpdate.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 624KB - Virtual size: 623KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ