8bb939a6b4847b6c063bf92e9618589e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8bb939a6b4847b6c063bf92e9618589e_JaffaCakes118
Size

24KB
MD5

8bb939a6b4847b6c063bf92e9618589e
SHA1

a92333063d9719956d943739d5845e2b447d59de
SHA256

77bae896d117c2a821fd21d84ea0cf8c848633ecee5534afc2f4f7369d8a36f6
SHA512

0c2827e8368754ca56f7f9a27ad8ce6c6b10651588fd9e776f08fe1b264a06fbf8a8ddcf4af6e83a4dc67abde05da697eeb8f51b896038779fa98ee0d4a6d8e2
SSDEEP

384:vXF09CJPGGfugZACZbDse9WztFbNR544qWQnbR+i+pZI8+LTow/ByT+2Oosp/F:FJP/ZPO1RObPqXo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8bb939a6b4847b6c063bf92e9618589e_JaffaCakes118

Files

8bb939a6b4847b6c063bf92e9618589e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Documents and Settings\(V.I.P)\Local Settings\Application Data\Temporary Projects\WindowsApplication1\obj\x86\Release\WindowsApplication1.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 197B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ