8a70e9d25aaca92dc459e2cbfd1544a4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8a70e9d25aaca92dc459e2cbfd1544a4_JaffaCakes118
Size

36KB
MD5

8a70e9d25aaca92dc459e2cbfd1544a4
SHA1

56988fc176ca03a2fb307c0027c76e52e0db9c8d
SHA256

59cb0f32fbd7f1a047f384f4f8652d3d546ee45452b77cea91d937fa45a1d67a
SHA512

43de0eda7cc75220c2e4eefd105b72373d50d24e37d7a70dcc0e44ef510da720fc842d25f3f2b72801a9b7f70b17b709d37e93d308b8c5183ed65e9972faa002
SSDEEP

768:vg+nVPPQJDrQaddUEBmTnxi7m9Xo74ln0M3IQy:v89vdvFo40t0M3IQy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8a70e9d25aaca92dc459e2cbfd1544a4_JaffaCakes118

Files

8a70e9d25aaca92dc459e2cbfd1544a4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\joie\Desktop\vb.net projects\fud\svchost\svchost\obj\Release\svchost.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 134B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ