687d36d4505e37a94c65e877d84fd8f4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

687d36d4505e37a94c65e877d84fd8f4_JaffaCakes118
Size

24KB
MD5

687d36d4505e37a94c65e877d84fd8f4
SHA1

fba842d2c58b134f4f0c496db1b09fe19a2a9308
SHA256

5e17263de4558e05a30f94ec82180ac75999cc338df44b48f2dd23eb06133245
SHA512

eeca04b398941b5a77a2ae37a7e818ede4cd133e2c4550eb2235e1ef3a2ede343c9e69c6304fb90f20d63656ea077ef5aff5ccb731b80ecd6d52f8585b7aeaac
SSDEEP

384:wwkvEfj/ACrWbuikqAWztFbNR544qWQnbR+i+pZI8+LRo4FvyT72NcuZtF:nIEhWyM1RObPq3/uZt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
687d36d4505e37a94c65e877d84fd8f4_JaffaCakes118

Files

687d36d4505e37a94c65e877d84fd8f4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Documents and Settings\hhh\Local Settings\Application Data\Temporary Projects\WindowsApplication1\obj\x86\Debug\WindowsApplication1.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 191B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ