76c83cc8839451584120b014f49fb196_JaffaCakes118 | Triage

Sharing

General

Target

76c83cc8839451584120b014f49fb196_JaffaCakes118
Size

27KB
MD5

76c83cc8839451584120b014f49fb196
SHA1

75869c0d6b91a7c055d7992285ba17edf8aa8678
SHA256

f276e1dab082529a8b102bb70f091d6859b46bc071c3475300fd37c96c29b9eb
SHA512

ac639fbb049a31c9c6b5fbe5b3043f5fb57ed4eda92f13da9a6ff0c1913bafae25c1159cf3460bb87b8314dbcf6f1e5ca1c33f0651b32ce033898be64194b94d
SSDEEP

384:qvgokS96u5mr7/FSxPPuSaB86WysO8B043gvaHhbP74/hLf45scWQfuAB88jx85q:0UFaRaBfWysCYJZ74/VlcxI5q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
76c83cc8839451584120b014f49fb196_JaffaCakes118

Files

76c83cc8839451584120b014f49fb196_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Johannes Ullrich\Visual Studio 2008\Projects\b0by4 Injektor v5\b0by4 Injektor v5\obj\Release\b0by4 Injektor v5.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 170B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ