a7c9b10bf1bd30aa5504a2b03b824434_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a7c9b10bf1bd30aa5504a2b03b824434_JaffaCakes118
Size

96KB
MD5

a7c9b10bf1bd30aa5504a2b03b824434
SHA1

28be79a6a8b0e40c4b63764170837c49e4fe4275
SHA256

181689d7a6d465f7e2bc17069ac0af28759a502f5b397a8d873f4d285c15e05c
SHA512

1eab049cd301a32e6b178b357617122b72debffc9fe467f52975557216b5d4e271856c5bda3697fe485862b005900b878b5618b065a83690b119ac2bebabe0b2
SSDEEP

3072:9paZo05fghyjk1mXIJa7M9OPwRCT0l2HTIbefwKBqEeXrnIl//u9qbWTreYh:3ofghyjk1mXIJa7M9OPwRCT0l2HTIbe4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a7c9b10bf1bd30aa5504a2b03b824434_JaffaCakes118

Files

a7c9b10bf1bd30aa5504a2b03b824434_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\kBot-v5\kbotv5_Cyno\obj\Debug\eWBot.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ