8d270cb985a641841e6ebf329f1ac3a7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8d270cb985a641841e6ebf329f1ac3a7_JaffaCakes118
Size

651KB
MD5

8d270cb985a641841e6ebf329f1ac3a7
SHA1

a9ce3fadfa630f7c9635133dd39c6d271217fd7c
SHA256

56e6426a12d56e2bcd7d0786183fb24c6ee2e0d8f403f4f9332d98288ae30f4c
SHA512

9c7e66babd5e9d8bdcdbd3221ec88cac3bd557f2b875068601e4add102b9dde16a7939a93c77971adffbe2dca1fbefdf085eccb3f28e2504b41835d6dd87cb29
SSDEEP

12288:0ROs8VdcY3kpFVb3t27sNoKvjzuMjbrgV7y47stD0i+U:3b2Y4t27sXHuMjbrg1c0M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8d270cb985a641841e6ebf329f1ac3a7_JaffaCakes118

Files

8d270cb985a641841e6ebf329f1ac3a7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Documents and Settings\Admin\My Documents\Visual Studio 2010\Projects\Aes Stub\Aes Stub\obj\x86\Release\Aes Stub.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 172B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 363KB - Virtual size: 363KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ