a7c30637a6cc66be16379c3026aca27d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a7c30637a6cc66be16379c3026aca27d_JaffaCakes118
Size

544KB
MD5

a7c30637a6cc66be16379c3026aca27d
SHA1

4e8afd036d05bd9d80819b4decff13df4a56aae1
SHA256

447d40f3a9f50daa7738a96dcf826e1cb683196027f1f7e57385f0ff80cc8875
SHA512

74c5b29102672fbf75e890c0697778d0d54b0c5fb9a035ddba985e233749d99322eca15c88292702b56b14d1a0f19b4486978429a921f38d46b1d528c635ef8e
SSDEEP

12288:y3w7epzFqzq38zxJk+7W774lIOY+uIoLaW6v:yA7epzx3YJkUWH0IOYTaP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a7c30637a6cc66be16379c3026aca27d_JaffaCakes118

Files

a7c30637a6cc66be16379c3026aca27d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\kdglkrkjdfhslej\Documents\Visual Studio 2008\Projects\PRI\PRI\obj\Release\GetTime.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 422KB - Virtual size: 421KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ