a70d4d6b1d0631ef738b95dbe1b271c7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a70d4d6b1d0631ef738b95dbe1b271c7_JaffaCakes118
Size

11KB
MD5

a70d4d6b1d0631ef738b95dbe1b271c7
SHA1

1204af172cf9fb80aedaa182f7a9fc808a376e8e
SHA256

f500b0b8b5ead4b997ea5941bdb314242e4603480943d94bd262a429f075b072
SHA512

4c9d1600679ed34cb140adf9bcf5058c9a6a9865c4c24b6459680df6f6e5c8bb751bfec85a44cbedab0d62b86a0c0875354805b8dfe506b1447851dc723b5f50
SSDEEP

192:hX+3vy6yMO9xQPzzQirMm8xGmogddev273D3KaDkG3LoQwgSuPnY0WLD:h+3vy6yBzQPzzQirMdnc27z3KaN8uSK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a70d4d6b1d0631ef738b95dbe1b271c7_JaffaCakes118

Files

a70d4d6b1d0631ef738b95dbe1b271c7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Christian\Documents\Visual Studio 2010\Projects\sharpcollector\sharpcollector\obj\x86\Release\svchost.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ