973c94756809461c9cb3c05d1632dbd2_JaffaCakes118 | Triage

Sharing

General

Target

973c94756809461c9cb3c05d1632dbd2_JaffaCakes118
Size

166KB
MD5

973c94756809461c9cb3c05d1632dbd2
SHA1

d15b1b19f4d69ce4bad84b7022d0eecf2a1e5d82
SHA256

c08c5168da114f288caa53355ae3bc82e7d10c0c22f594e237975c287f1c7ccc
SHA512

e63e18ff91b54ce847178c6d278d1ce0dda77fe1b0e31d52d2fc9aefc27abf6e09b9ae515ab46143199b344b9ae5e7af2207698eb93255c2e965ebc523089bf1
SSDEEP

1536:3zm0XQfMkDvXR/TMZtQkZpsHHHkLL/LL/LL/LLkNHRv879NHpovcfNwV7cNHzSmS:q0XQ/DvhoZK42pYpccpW5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
973c94756809461c9cb3c05d1632dbd2_JaffaCakes118

Files

973c94756809461c9cb3c05d1632dbd2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Juan\Documents\Visual Studio 2010\Projects\Jukey private\Stub - Copie\Stub\obj\x86\Release\Stub.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 161B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 155KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ