a4eb36bf4a8dca662986678ba8d28618_JaffaCakes118 | Triage

Sharing

General

Target

a4eb36bf4a8dca662986678ba8d28618_JaffaCakes118
Size

669KB
MD5

a4eb36bf4a8dca662986678ba8d28618
SHA1

4611d3b371de44ec05320248c0a99d931f31f673
SHA256

54f2136f6e38f5c972d296ac1bf149751ad5ce86f40bd419e5223c758d01a02e
SHA512

e5043bfa9a4e1c8d99cd929b6bf58dd44462b17234471d0fb18e9b8616929fbff951511b3acbd42bc064175ebeff178c9e91825cfab3ef0c3f2d4bc6722099f6
SSDEEP

12288:WYM1BmkThDn8xd8wYwNjWv5K1kBL3HhTAvN+Tfw:WYYBX9QxuwYkavA1kB7hkvN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a4eb36bf4a8dca662986678ba8d28618_JaffaCakes118

Files

a4eb36bf4a8dca662986678ba8d28618_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Yavor\Desktop\Werewolf The Apocalypse Earthblood My Trainer C# uncrash\ArmYofOneTrainerEngine\ArmYofOneTrainerEngine\obj\Release\Werewolf The Apocalypse Earthblood v1.0 - Upd.1 +11 Trainer.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 632KB - Virtual size: 632KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ