d0d1b45ec273568957b8a500630e45d1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d0d1b45ec273568957b8a500630e45d1_JaffaCakes118
Size

139KB
MD5

d0d1b45ec273568957b8a500630e45d1
SHA1

ef927ee108b938376e355ca7d046b2d8b26afefe
SHA256

96059eda6e993b48c6aff2dd5bfcd5b5cd69a28b6a2b730b978a4982d6008106
SHA512

39744c2928bb652a16efdd5cc3acbf9734731906a4931c71969af9b0a8b8492d79510c5b40d0ed555ff928d028a61ef33c8d5ffcb4a9f7350dc89176f71e094a
SSDEEP

3072:4L1Bw9jA/OWbvq3GIua7rFLlDm7VV5MT027hrEiqD2:k11OW+3nuurFBV027h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d0d1b45ec273568957b8a500630e45d1_JaffaCakes118

Files

d0d1b45ec273568957b8a500630e45d1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Trance\Documents\Visual Studio 2008\Projects\Free GP\Free GP\obj\Release\Free GP.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 135KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 146B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ