69c8272ffeef43cef15f6788853cb20b_JaffaCakes118 | Triage

Sharing

General

Target

69c8272ffeef43cef15f6788853cb20b_JaffaCakes118
Size

79KB
MD5

69c8272ffeef43cef15f6788853cb20b
SHA1

3d26abc0d66f70b76637f2ded072ec51d560e16c
SHA256

e3d10e0f5ee874223e6a2d89bea21a630673859e23f889ec6bffc62110337457
SHA512

26c6ad69ddf85fe98845365e4c37f28c45b9470f25d701f31a67f52d99327fc987534a5ef84d173f93c271ce063990c58b42bb2328a5b5edb1de5ffe83cef727
SSDEEP

1536:dKIn9cuFEI1ZCM1PqG9pT632FszuZMrBwQLVIi:dKFuFEI1ZCM1PqG9pT632FszuZMrBlLZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69c8272ffeef43cef15f6788853cb20b_JaffaCakes118

Files

69c8272ffeef43cef15f6788853cb20b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\FEDERIKO\Documents\Visual Studio 2008\Projects\stub-binder\stub-binder\obj\Release\stub-binder.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ