89048cbb9e48af48c6d3e202edc427f7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

89048cbb9e48af48c6d3e202edc427f7_JaffaCakes118
Size

69KB
MD5

89048cbb9e48af48c6d3e202edc427f7
SHA1

d0a00caa8c73d69e52604758957d70b565e9090d
SHA256

930cd660e116f3a91fb11878e7acf2bbcaed43fd34865b65216589b517854c7d
SHA512

18e78f1be253ca88f9e74a6fffc15cacaf27ce0460e7342a5be07cafe389d9c9a2b85075ab73269fa98822b20a5c47b49c5477225e252c4c990dc82f4f5cd07d
SSDEEP

1536:Ev8lbIsSJN5j2ZoAHbMGS2ox59LoUjpd7QQwQRFZ82:EibcJNx2ZzgXRxTL37QCR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
89048cbb9e48af48c6d3e202edc427f7_JaffaCakes118

Files

89048cbb9e48af48c6d3e202edc427f7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Documents and Settings\Administrator\My Documents\Crypter sources\Crypter sources\ScanTime Crypter\1 scantime crypter stub\1 scantime crypter stub\obj\Release\HIJACK.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 225B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ