d049aacf7e4db876ec46b21bddcef5d8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d049aacf7e4db876ec46b21bddcef5d8_JaffaCakes118
Size

239KB
MD5

d049aacf7e4db876ec46b21bddcef5d8
SHA1

c9766b1cdd8a3eaab18aaed7cdf265f1034cd997
SHA256

2784e490d80189c3d7414b922301a759c1fbf0b718722f8987f224e429be229b
SHA512

e938af972f33a6dc0bdf2170a7d6edb21e79e64161dd3979fdd3d125aab87998ee415367cdcd74a6cc706c6e45dc4be1be508f86bf4826c0023752e83609ab1f
SSDEEP

6144:tUy4VZJ2fi/PZQYWR6Twhkrd9YIkw48wI0gF+:GyyJ2f4uvcTwwd9YIkw9wI0K+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d049aacf7e4db876ec46b21bddcef5d8_JaffaCakes118

Files

d049aacf7e4db876ec46b21bddcef5d8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Documents and Settings\Administrator\Desktop\Wind\Wind\obj\x86\Debug\Serv0hhhhhh.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 234KB - Virtual size: 234KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ