c890b790f27b7161fc2c12f9082afd96_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c890b790f27b7161fc2c12f9082afd96_JaffaCakes118
Size

600KB
MD5

c890b790f27b7161fc2c12f9082afd96
SHA1

cf09847947fe481456756219c597828e92dc16c8
SHA256

e6389abcd95171342eabdccbcd0d86e8169992795409e41d449766806bddeeee
SHA512

c4eb43daecd8b41dfe95a86061dca37bdef4ef7e1cfc5a69f6033da6c2878625e272a43eff501b1299939a6dce8140aea610073b0e243880c9651312e8296cba
SSDEEP

12288:rcehEc02bbQwDZqfCuHcuhOEjWFit/pGaB26tv0Yhx2pna/b:A+H1uHrjWFA/4UtvTYa/b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c890b790f27b7161fc2c12f9082afd96_JaffaCakes118

Files

c890b790f27b7161fc2c12f9082afd96_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Administrator\Documents\Visual Studio 2010\Projects\1s3ri3s7\Annex\Annex\obj\Release\Annex.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 156B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ