bf43fb9f252db1138d968932738c74df_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bf43fb9f252db1138d968932738c74df_JaffaCakes118
Size

127KB
MD5

bf43fb9f252db1138d968932738c74df
SHA1

b3d98d86ddcfebede498b47656db98198b85f1d8
SHA256

d80ed18720ab6c7f22c18654c6bea0c743e85d03487f9594ac97e4d9299b967b
SHA512

778dd503da6a8c972f921244ad728823245912957d02e381e1cd93acd4eab623b293009b035845ef1619e2e45513f64e402ddca03f6e0f1d1ef2b93ba4015264
SSDEEP

1536:OxdGVBWJZZpHcM1CHCpfdHbJPk4Cs54ash9ekOAwePDvjZJrdm3iNvMDflfS5LTJ:OkripfdHb249iPTzNvclQPUE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf43fb9f252db1138d968932738c74df_JaffaCakes118

Files

bf43fb9f252db1138d968932738c74df_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

J:\Crypter base\dofus loger!\Stub\Stub\obj\Release\Stub.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 113B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ