966c2745c95658e9bf4518514446c406_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

966c2745c95658e9bf4518514446c406_JaffaCakes118
Size

338KB
MD5

966c2745c95658e9bf4518514446c406
SHA1

f834bceea5715fcb2c2429a62381a7bf4b72af37
SHA256

4964cb7eef6a27539b29d173800d7b94c60d24c8d966b302620b669c5af9eca9
SHA512

6622c812f41ddbe33f4f8c7ea580d68201bff67b5fee70ad333c5bebc07d44db755899ad0f08d47307d2a45cae67e5ae122bb3cc9877cc8ee965f22b3f340d3c
SSDEEP

6144:4M3qBNedMerwh5DMerwh5VM3qBNeNMerwh5LMerwh5+GS:F6TedMf5DMf5q6TeNMf5LMf5+G

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
966c2745c95658e9bf4518514446c406_JaffaCakes118

Files

966c2745c95658e9bf4518514446c406_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Liang Kai Feng\Documents\Visual Studio 2010\Projects\Injection\Injection\obj\x86\Release\Injection.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 159KB - Virtual size: 159KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 150KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 27KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE