a408e752a25d5c1463c85e0857e4ccda_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a408e752a25d5c1463c85e0857e4ccda_JaffaCakes118
Size

50KB
MD5

a408e752a25d5c1463c85e0857e4ccda
SHA1

22d7035ffdd4b4954b4fbd501bbf2b499c574e81
SHA256

678465aec9ea09e12684c4579715137d40ba63f641e628f50cfcf7f5914afa0f
SHA512

4ca7632ca1b1b8c031112ebc2515fe212d73341b579e9981ebd16b75d19c81289aa043f511307566fd6ee8c14c0f30a7b4d56763b537f8243cd5fed272c8fab7
SSDEEP

768:6uGux2iQFbYfkkQOgxlo66Xw2+93m0sQw:/9S+tkKw2o3m0sQw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a408e752a25d5c1463c85e0857e4ccda_JaffaCakes118

Files

a408e752a25d5c1463c85e0857e4ccda_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Documents and Settings\Hebrew\My Documents\Visual Studio 2008\Projects\Stub\Stub\obj\Release\Stub.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 157B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ