b5b592c8c16990ad794c06a1dc9bf176_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b5b592c8c16990ad794c06a1dc9bf176_JaffaCakes118
Size

164KB
MD5

b5b592c8c16990ad794c06a1dc9bf176
SHA1

b7ddb971d74b79c7e50199bcc4a88d641a33b762
SHA256

919b7d17fc4f19645bec3099b86e06b84476f22f138156c692ef7af79e5d8272
SHA512

447af33df0d2e11f578fe3bc31577d5644b7b95bbb13cd4e2209988432765bb4cc02508b2037b8340572a74093a4a61e96c719d781b95ce294408cb4effc9c72
SSDEEP

3072:sBwyJM16mnyxvPfgaDFEO/JFP8I5tMQbDOo0d3zzL/+QauBO1KiSh:6FmnsfgaDeuFkW0ZzzLLay4KV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b5b592c8c16990ad794c06a1dc9bf176_JaffaCakes118

Files

b5b592c8c16990ad794c06a1dc9bf176_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Users\dell\Desktop\oovel.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ