83605ca0bb3fce6b45be12148ad8b3c9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

83605ca0bb3fce6b45be12148ad8b3c9_JaffaCakes118
Size

461KB
MD5

83605ca0bb3fce6b45be12148ad8b3c9
SHA1

993a585df1f10dad43e30eedf8b6c1a8b3e15be5
SHA256

471b0f750e4b41e2e2134c3e45695bf3f3bb236d8bfe427a1d8f5b79c6663339
SHA512

026337794b9b9c2dc868c0d72f1927906942bc24e14d672b256d565b636ec213c3f9ffb9f0abd1701d0a1f2f2ac755904fceda3d60710869870cc672d1585099
SSDEEP

6144:iVz3zVkWv26B5EvXHCCnhmC8MX6rdfwifsyzfYuT7zZvw8+ngNxBgts6OUIOWdfG:idjVkWvp6XTkC8Mq5ZtY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
83605ca0bb3fce6b45be12148ad8b3c9_JaffaCakes118

Files

83605ca0bb3fce6b45be12148ad8b3c9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

H:\My Data\My Programs\Windows\Microsoft\Microsoft Office 2010\Crack\My Tools\AutoKMS\AutoKMS\obj\x86\Release\AutoKMS.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 365KB - Virtual size: 364KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ