75c4258d63b9b7202fee59998492170b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

75c4258d63b9b7202fee59998492170b_JaffaCakes118
Size

269KB
MD5

75c4258d63b9b7202fee59998492170b
SHA1

f57c87ed76852625fe1f265fc67eec0d0f2ed34b
SHA256

9937dec1dacbcd4e009d768290bc0a87239e41b1a98dbedc5c37600479046791
SHA512

ea6485f9bcf15bc3de5d46514d5887ed49acff3d7cd91d436d1bb39b42faaedbcc86974b98a0270f67ced827677c3f3a32863b9fa5e8c6e7289665e4ce35c971
SSDEEP

6144:cWXF5pBOfpMTPMY9vqUyikz1iMZlqClsPUFfvsc72dbxgf:zV5ChMDM9UyicsSwuUc72dbxI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
75c4258d63b9b7202fee59998492170b_JaffaCakes118

Files

75c4258d63b9b7202fee59998492170b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Administrator\Documents\Visual Studio 2008\Projects\e.m.p.t.y\e.m.p.t.y\obj\Release\iuhugfrt.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 158B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 166KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.reloc
.rsrc/0/GROUP_ICON/32512
.rsrc/0/ICON/2.ico
.rsrc/0/ICON/3.ico
.rsrc/0/MANIFEST/1
.xml
.rsrc/0/version.txt
.rsrc/100/Info/Dec
.rsrc_1
.sdata
.text