bd036e6d1e709ef7605498844ddea2be_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bd036e6d1e709ef7605498844ddea2be_JaffaCakes118
Size

40KB
MD5

bd036e6d1e709ef7605498844ddea2be
SHA1

51ab22ac090f04b7245bd8de78b67414e8fe76e0
SHA256

464adad0a9c92221c01ea29f1866469341135b9d19f0a8c1801391c54e143947
SHA512

0fc80a321f0513193fdfd533f9c0c350c0cc4502a6e240a7b3639a08097729fc4e529c76981eb49b85b3c099a5290aafc19d5a40a37ad2f61b469cbd738a488e
SSDEEP

768:FjGNl+7ZxnVSmvm0bBMZHm1TEEAv37/rT7Bkrape5bNzqqN6AF:FjGGZ600MEEATD3dpedz1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/BootTrojanGenerator v0.1.exe

Files

bd036e6d1e709ef7605498844ddea2be_JaffaCakes118
.zip
BootTrojanGenerator v0.1.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Hack\Progetti\Sorgenti\Vari\BTG\BootTrojanGenerator v0.1\BootTrojanGenerator v0.1\obj\Release\BootTrojanGenerator v0.1.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Readme.txt
bootOutput.img