8776576c9b5d476a7e44a93ca22d7865_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8776576c9b5d476a7e44a93ca22d7865_JaffaCakes118
Size

136KB
MD5

8776576c9b5d476a7e44a93ca22d7865
SHA1

4e12075a434892dda7e1d83e0b058cd71b1cd80d
SHA256

8bde3cc64f172632473bb7020120b6b8ae91504f7659c0f84319a427ab9819ea
SHA512

eda9b027d425da66ae7fdaa1027db0f97cabd5e5f2c1dbe36ca0e3d1bfad942ba9ad399127db9185f119d289a7061a9c78bcb4ee65eea6643df3f6aecba9b53a
SSDEEP

3072:4u94yb+CJKKbgfqmTB2Sz3Xj+MMb85hkPXAy+KD:4s4JfqmTB2Sz3Xy87RKD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8776576c9b5d476a7e44a93ca22d7865_JaffaCakes118

Files

8776576c9b5d476a7e44a93ca22d7865_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

I:\codes\virus\sysras\WindowsFormsApplication3\obj\Release\sysras.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ