b2b68d1d83bda5773fc0efb61d1e6b3d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b2b68d1d83bda5773fc0efb61d1e6b3d_JaffaCakes118
Size

863KB
MD5

b2b68d1d83bda5773fc0efb61d1e6b3d
SHA1

1f86606831d89f2c041cce91f76638e86622214a
SHA256

77f6173ae75f333bc4d98373d6b927927c594697e35b3adf37475d191e37eb03
SHA512

5402f99fa51a15a2eb68ea6cb6e0f19b25839fb0aaec5f70c1f4496729a0af18957665045ae31a1b978c5670719402febcbf23e6a1361fddb177af74f9683abe
SSDEEP

24576:XPs8Ewr2liR5xVaq1PGIljI8SiJ0q2JLUPYfrL:/sMHfxVfLjI8SiTPYf/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b2b68d1d83bda5773fc0efb61d1e6b3d_JaffaCakes118

Files

b2b68d1d83bda5773fc0efb61d1e6b3d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Documents and Settings\saurabh\My Documents\Visual Studio 2008\Projects\Royden crypter\royden stub\WindowsApplication1\WindowsApplication1\obj\Debug\WindowsApplication1.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 817KB - Virtual size: 816KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ