c8624e412bbd8045318059ab7954bb4e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c8624e412bbd8045318059ab7954bb4e_JaffaCakes118
Size

735KB
MD5

c8624e412bbd8045318059ab7954bb4e
SHA1

156ed6293e05207538250062ee3d88b8dc80c429
SHA256

9af08d7ceea871af87cc317b2ab70f13d4cd0afc7764261c29c22ebc97a2cff1
SHA512

4916fa430a2ae140335c657ff513c8e92b3652368a833d1be8f20b24e50e49f44458cdee4ad15ac7307d5bfa819686bfc0f999d4326c8217bbf3ab420d53c924
SSDEEP

12288:NoH1+FlgsEVYNH6gBBvFQQta3PuF1FKFvFEc0ccclFwcwcAc6cGcsFhcOFuFicEg:N8UTr9NHdBBvF2df

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c8624e412bbd8045318059ab7954bb4e_JaffaCakes118

Files

c8624e412bbd8045318059ab7954bb4e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\JuzziBOXX\Desktop\Visual Studio Projects\Vb.net\Stealer\Stealer\obj\x86\Debug\Stealer.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 709KB - Virtual size: 709KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 151B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ