ce8473a5fd1880f8458653f6b3b6e490_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ce8473a5fd1880f8458653f6b3b6e490_JaffaCakes118
Size

1.1MB
MD5

ce8473a5fd1880f8458653f6b3b6e490
SHA1

1aebbff83d306210903c00c8419b8d2613a4771b
SHA256

fc66127b62bc889678a47dde23d343b6652147a1e256c89c7525348929caa349
SHA512

974e42a1339e40e961b169a3e783cacafa0325048497fd26c7f455b46bb29235533beb1a8de5b2e058e0561cac2cb7c3ffb616443bfb0e31f8cf0fdbf573831d
SSDEEP

24576:NtN3LrgZHnMjeCj1HtgWcsjgXryBOJsb/F2:NtN308LZj3USjF2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ce8473a5fd1880f8458653f6b3b6e490_JaffaCakes118

Files

ce8473a5fd1880f8458653f6b3b6e490_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\CW\Desktop\FFB_Stub\FFB_Stub\obj\x86\Debug\FFB_Stub.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 200KB - Virtual size: 199KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 117B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 191KB - Virtual size: 190KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ