bb29c6c0ffd5ac6dae7b377862b29b53_JaffaCakes118 | Triage

Sharing

General

Target

bb29c6c0ffd5ac6dae7b377862b29b53_JaffaCakes118
Size

226KB
MD5

bb29c6c0ffd5ac6dae7b377862b29b53
SHA1

8779f722e286c43a018a6d48ac7ff81a25cc7c9d
SHA256

29f179473b6b9a62439862a71035f3eb662986a165fecd9d32f23983d161f824
SHA512

19a590c101ab5311b7e0e3b615f5d118f57fbbe616639053fe54c5f7b9908296a7893cb0d6143543de97df725a5b8c884322e4a2f760fd3a286ee8a47323841a
SSDEEP

6144:8CL9bcIIHMKOVxE7ANeSldiFbLL8tbk+FTma/pjjSh:8CLWIXKOVKtB+/E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb29c6c0ffd5ac6dae7b377862b29b53_JaffaCakes118

Files

bb29c6c0ffd5ac6dae7b377862b29b53_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Documents and Settings\tof\Mes documents\tof\dev\crypter dll\dependency\obj\Debug\Cursor.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 213KB - Virtual size: 213KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ