714da1ad86dbacf5fe59a829f99a2592_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

714da1ad86dbacf5fe59a829f99a2592_JaffaCakes118
Size

12KB
MD5

714da1ad86dbacf5fe59a829f99a2592
SHA1

1e7ab63394ac19f47c18f52110cca0dfbd29bc27
SHA256

6baa508a91305f9d0ad54c4fb4ae9aec1b030d7d1490752c3d6ba9a4d21e21d7
SHA512

4b48eceef7fa5961160e7f8299f9dd5b2147ffce1348b577cd3d3030647ba9c05cac82d0d0aac70450d3da787bf6cebc46353a40395caf20dd2ee0a52e3802db
SSDEEP

192:xZLAe3eqBa3ztm6n6dtDka3xT5aAyRGzMJlWWm+:xZLA1Oa3zM66dpkqxT5aAy0QJlWW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
714da1ad86dbacf5fe59a829f99a2592_JaffaCakes118

Files

714da1ad86dbacf5fe59a829f99a2592_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\BADUNG\HACK CARCK\virus\kdc\kdc\obj\Debug\Yahoo! Messenger.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ