88399e406cc8813b2ee5cfc1d74293f5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

88399e406cc8813b2ee5cfc1d74293f5_JaffaCakes118
Size

332KB
MD5

88399e406cc8813b2ee5cfc1d74293f5
SHA1

bf82280eb6b897b41d867776205ce4c773691c7c
SHA256

fcb25e9913d57525a37e348c17df773461bb6d28d4075625f46e4dea09b42b8a
SHA512

7dc9ce818e7eb8f34e9c7387bf90e6a48477962510ff176d835c29ff71e2bbaa50e73de2c65a5b097e377441120df19d8b73e7c6093af2b214024f60ac787e73
SSDEEP

6144:wgHOuoffuvMXumuACLlmXKz9DcwtAQfrKfZN00Qi+XBoV0PYaCDf+tb:wggfuk+vBLA6Gw6QfrAj+6WPYaCDMb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
88399e406cc8813b2ee5cfc1d74293f5_JaffaCakes118

Files

88399e406cc8813b2ee5cfc1d74293f5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Documents and Settings\saurabh\My Documents\Visual Studio 2008\Projects\Royden crypter\royden stub\WindowsApplication1\WindowsApplication1\obj\Debug\WindowsApplication1.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 286KB - Virtual size: 286KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ