735697a54d828368884b625e30d43417_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

735697a54d828368884b625e30d43417_JaffaCakes118
Size

19KB
MD5

735697a54d828368884b625e30d43417
SHA1

20953dc8239f29105fa97b672b4030d090803851
SHA256

794d49a0c62bcaf16a0ae027c4ac98c9108df08ebd89bf378ebc666fdf74a44e
SHA512

f8911672cb833449dfb486e5c350574e43aad120d48858110daf4931f4722de93c6b097987b9bfb01a6fefcb20c3d835d75007083044277ad60b77841beb95b2
SSDEEP

384:aK/Rl8WezoaULDAejryPYLW3S0hWayJLk245la3Xocrd3PFWnF:a8z8la3xrhNE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
735697a54d828368884b625e30d43417_JaffaCakes118

Files

735697a54d828368884b625e30d43417_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\greg\AppData\Local\Temporary Projects\WindowsApplication1\obj\x86\Debug\WindowsApplication1.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 157B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ