cfcec92d72aef431ade136e2d283e69f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cfcec92d72aef431ade136e2d283e69f_JaffaCakes118
Size

26KB
MD5

cfcec92d72aef431ade136e2d283e69f
SHA1

b267a20c2d139b8ba6a861c8abdaf93b754dd723
SHA256

9b8873774b305d020a6824d386997d6e65b033637414e1a706214cdbc5a18b03
SHA512

893b51c5ed8ed6f5e9aa6bfa9b4810ea0df7db386878c2748f318c8706b89b4ce3fd9869f8c63944487671d884ba7588d5cd92dade4c91b75e8baca2014c3df2
SSDEEP

768:ZdkPpePmlrNqVE/iXD9lRZNk5qk0e98QXmFN8P5zYcCed:zKYPmlZqaKzLCqy/Xm6Dd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cfcec92d72aef431ade136e2d283e69f_JaffaCakes118

Files

cfcec92d72aef431ade136e2d283e69f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

G:\My Apps\Sources\Cam Spy\Cam Spy Stub\Beaver's Cam Spy\Beaver's Cam Spy\obj\x86\Release\stub.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 151B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ