825a5ffbd902f34f73d7f8ca0e439842_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

825a5ffbd902f34f73d7f8ca0e439842_JaffaCakes118
Size

30KB
MD5

825a5ffbd902f34f73d7f8ca0e439842
SHA1

c3ff40cf82ef09dbc2e628423e41bd24ce4988e2
SHA256

acc711072ec91a69e6fba61a755250ca5b3d661cd2dc4eb660a5fea32070398a
SHA512

1aad2691e7a9d279b0c671ce92f643abc329110e975e0774bedb744b0b561f33d8045de8a673cb39a6ca82a9074f13a57a9cb6fdbb77c686c03246996815abf8
SSDEEP

384:87CDYRrbWlGbnLf45rQfeJn+G8/gsRk7ZVR/YP5EEgi0:87CDqW4/U+fk7ZH/YP5DD0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
825a5ffbd902f34f73d7f8ca0e439842_JaffaCakes118

Files

825a5ffbd902f34f73d7f8ca0e439842_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\user\Desktop\VB.NET\Stub\Stub\obj\Release\Stub.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ