88ff40b9031588b6cf1446c03bfa8608_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

88ff40b9031588b6cf1446c03bfa8608_JaffaCakes118
Size

197KB
MD5

88ff40b9031588b6cf1446c03bfa8608
SHA1

abd05ac5ee4c8c885eed26d42a8980c1e409c63b
SHA256

4e71890890fb6069f037ee9b19a80a2c9823f77b53e84b8e0ef6c2de60b188f1
SHA512

c54d7cae91e1388573ef1abd19914a1ce060c6b61397b47f51a435dee9718bdab72d66a66dd80cb0e39a7ee74792a0a2d4956fca972aa02bad4ed0f97c0222e8
SSDEEP

3072:3OfDkDkZ8w0HSg78WvNFPpb8DeY7Z+Li9o6Gn6f7wrd0liHgPwizzzzUD1:i7vojvNFxbI8LMy87SdOiHgPTzzzzUD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
88ff40b9031588b6cf1446c03bfa8608_JaffaCakes118

Files

88ff40b9031588b6cf1446c03bfa8608_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\kdglkrkjdfhslej\Documents\Visual Studio 2010\Projects\New N0$Crypter\Files\PRI\PRI\obj\Release\???????????????.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 127KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ