bbf3c156c81b7872f4033ec0060470fe_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bbf3c156c81b7872f4033ec0060470fe_JaffaCakes118
Size

6KB
MD5

bbf3c156c81b7872f4033ec0060470fe
SHA1

5013a1253adc952796f7d334175554bd731f5d9d
SHA256

1017e20daeb568ff78336fc6aabadb75f4a0c5ef8b3d27a16178a8d73f6f60db
SHA512

7d7ac7c0d515a4e601abda7a77db336f8bed0a0cf540d0a7c5fb685cfc2a32078b637e03581b9b585513e24d3ab138418495ae4079c9b8d1e7240134d1543da4
SSDEEP

48:62IQcnLTH2pv6nfZZPg3A0TNMvU+MxIXuXjfPJdi8PFPviujFroGSTxbiKUtJ+Fr:ID24vZTQzfPlPxiu5S9OKt+4NmPzNt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bbf3c156c81b7872f4033ec0060470fe_JaffaCakes118

Files

bbf3c156c81b7872f4033ec0060470fe_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Nuno\source\repos\RemoteHelper\RemoteHelper\obj\Release\Remote.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ