8594f70b5a609e33ab476e9bbf513886_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8594f70b5a609e33ab476e9bbf513886_JaffaCakes118
Size

154KB
MD5

8594f70b5a609e33ab476e9bbf513886
SHA1

e20aa1e466f6cbcbc87eeed9b404f37d7aaf730a
SHA256

2006235e87e6cbd36cfd4e093a331344404cd143582d3efb67a34858cd279cb6
SHA512

ed2d1af47246dd07c2ed0748250fa4b730f349933f16e8e52d81db2a0f105c09287aae5a6454da20f0ca11101f705d218d26b1980c04d960b1fa0b709400bf99
SSDEEP

384:IJN1rKysHOYeVPXlL4aFc/YgcLpXfczIeMFI6/1L6w2DFikpcCRu9L1wwAf4J7FY:cNMthMPc/j7j8mk1H14D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8594f70b5a609e33ab476e9bbf513886_JaffaCakes118

Files

8594f70b5a609e33ab476e9bbf513886_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\users\user\documents\visual studio 2012\Projects\WindowsApplication152\WindowsApplication152\obj\Debug\WindowsApplication152.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 312B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ