cf7a7234cc9fad1cb81927cc1a2cb342_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cf7a7234cc9fad1cb81927cc1a2cb342_JaffaCakes118
Size

416KB
MD5

cf7a7234cc9fad1cb81927cc1a2cb342
SHA1

1eb07d2b7eb336780651fd8b25715cb5cbf4cda5
SHA256

b1d2a211fc7d2220610acb106e477efc7aafdf7057a87ed1e45d25ec1d2812ec
SHA512

5288fc4b92aa18ab1b13936a29357ef2e2a6194a1b7faee9b9e8605160223c669f35e5cbf5743ba923ccf29472694fddd73fe665f048ae2fc74fce5ad63067a8
SSDEEP

12288:ErGqrwg86NofZvNCFNs4w8lbLukbzV7z+f:sJ266vNCwRaLrZnu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf7a7234cc9fad1cb81927cc1a2cb342_JaffaCakes118

Files

cf7a7234cc9fad1cb81927cc1a2cb342_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Administrator\Documents\Visual Studio 2008\Projects\e.m.p.t.y\e.m.p.t.y\obj\Release\X2adsVeGF.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 159B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 368KB - Virtual size: 368KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ