8ba8e1cd1a186bb67fade7a6c4c3c056_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8ba8e1cd1a186bb67fade7a6c4c3c056_JaffaCakes118
Size

507KB
MD5

8ba8e1cd1a186bb67fade7a6c4c3c056
SHA1

35baf42a3ac3f4f6ae0183b957c83e53ab166697
SHA256

def21d635128675ec978d417b7a9fc10c21fe3501319e756fe93ad815de82e85
SHA512

4eb3e129ee743da35efba07183b3441ecc8a26728cf93fd80418ab742a5e346a3983d2b642c77452d8a190ff1b961a463b1a63aafb04931dd7ac9223cf448615
SSDEEP

3072:NIla1DvhoZK4kpYpccpWxDvhoZK4kpYpccpWyMGRG/DvhoZK42pYpccpWvQ:NP1jhM701xjhM701yUjhM7u1vQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8ba8e1cd1a186bb67fade7a6c4c3c056_JaffaCakes118

Files

8ba8e1cd1a186bb67fade7a6c4c3c056_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Cornelius\Documents\Visual Studio 2010\Projects\Test2\Test2\obj\x86\Debug\Test2.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 350KB - Virtual size: 350KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 145B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 155KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ