abc672c440738a8cba1c4a64f16dd9d9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

abc672c440738a8cba1c4a64f16dd9d9_JaffaCakes118
Size

19KB
MD5

abc672c440738a8cba1c4a64f16dd9d9
SHA1

12b2b05604e286fabb40cf5c38fcf67a4c2c68b0
SHA256

2fe01ec51a65e7d041ef04927229d713e30ed0542795b3c4c19fc5ab8b4f9728
SHA512

cd3e1a41dde102682b3435b690aad2a9c504d6fcf2eb6816673410ec78cfe58b03860a8d93bb5de2c65edfb2bba0eb65c145abe24ffd72632b2726c5a792c690
SSDEEP

384:75dLfG99FX1nXKbnLf45sozOQfri8jBMOeZ:75dLu99pp6/loz/eZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
abc672c440738a8cba1c4a64f16dd9d9_JaffaCakes118

Files

abc672c440738a8cba1c4a64f16dd9d9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Documents and Settings\Administrator\My Documents\Visual Studio 2008\Projects\Stub\Stub\obj\Release\Stub.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ