78e00a1d86253e1765e7ecb5c201f4dd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

78e00a1d86253e1765e7ecb5c201f4dd_JaffaCakes118
Size

1.1MB
MD5

78e00a1d86253e1765e7ecb5c201f4dd
SHA1

f971f6b67d5d7d2db6b9564eb6b3526341c59100
SHA256

7c6cfdb520181b2843765ce77e3be389645a48093bdb90f9b0012d8677dff965
SHA512

2fdd9570b11042260585b1ab6a5e02de0f96f26d7243e6d730fb4ab20b4204286aad6f1b6784c0e823edcd632b0f7f5fbb9605944c3f58906123824792b020d3
SSDEEP

24576:03z1ly5S98rrBcShkKePpuwA4leFxJvWzZx2F2S+:eLmYhgFC9QF9+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
78e00a1d86253e1765e7ecb5c201f4dd_JaffaCakes118

Files

78e00a1d86253e1765e7ecb5c201f4dd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c056922162bf2bb3389fba6d31ad16d2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Sander\AppData\Local\Temporary Projects\stub2\obj\x86\Debug\stub2.pdb

Imports

sancak2

_CorExeMain

Sections

.TEXT
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sDATA
Size: 512B - Virtual size: 131B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RSRC
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ