974ad08b2af37244f7a31ed47e2e1c9f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

974ad08b2af37244f7a31ed47e2e1c9f_JaffaCakes118
Size

745KB
MD5

974ad08b2af37244f7a31ed47e2e1c9f
SHA1

f79c8456a2cf12b81544a966ab26dbd517e8f3a0
SHA256

a0a43d4be9461f06ffd1550f58409e1d9589bb316f8025ec185ea197a2bd0cf4
SHA512

9fa38fbe01df2640d6fec5a4d209fef664c0765bd3c1599b98e3c766011dbe4a6f6d53ba01f902b084ebfbf9bbfeefc1747dc8f8f724c472a59d259179d8aee5
SSDEEP

12288:+0Yco+gunQUBCEAWfykqVNeN24ezlA7NmUXyPl5EuHM+3x/MzuV3:+7ZunQU1aVNeN2xAZmUq5++3ZMzuV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
974ad08b2af37244f7a31ed47e2e1c9f_JaffaCakes118

Files

974ad08b2af37244f7a31ed47e2e1c9f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\$@!\Computers\Program Source Codes\541's Products\541's Keylogger v7.0\Stub\Stub\obj\Debug\Stub.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 463KB - Virtual size: 463KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 155B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 280KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ