cef50f951867f246393455736226d707_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cef50f951867f246393455736226d707_JaffaCakes118
Size

17KB
MD5

cef50f951867f246393455736226d707
SHA1

f6682063e00ca1ac0b3d997b372e80bab0f3828d
SHA256

bd7b53b2b6fd9077ef590b66bf863487cf67e0fcca586a659ef39d46d9a0cf56
SHA512

8811155c859c87821d5836da47e4d68f248f12084c8405b8f36aa7f64edf03a844db12c7df20948c24a091e3c58a93ba49593f2bc0d1b285c135e99817c81600
SSDEEP

384:daA29ofHmSqVxkWayJLf45sBQfrFbj3QInNY:daAuovmrLNlr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cef50f951867f246393455736226d707_JaffaCakes118

Files

cef50f951867f246393455736226d707_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\H4ckmebit2h\Desktop\L-O-T_u_S\stub\stub\obj\Release\stub.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 122B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ