d0c21fa756a5aebc2fdfe8fdeb598772_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d0c21fa756a5aebc2fdfe8fdeb598772_JaffaCakes118
Size

262KB
MD5

d0c21fa756a5aebc2fdfe8fdeb598772
SHA1

199c2d47c44220e28e2305d1b44c61c6279f75eb
SHA256

05b1a390f2d15cf69b71cc57ce393b430436f4db78e602730cdfcfcfd183c205
SHA512

50af12693aa6e2ea609079f809ff51b949e8a1620aa9ced470e99fd667e311c70158e60cff30f68942ce4bcbcc6d0fd411adedef2c93f4b9bfcc796af0758ed7
SSDEEP

6144:jqZibJ/yAKbMyDiPk+JzjLLXM0EsYjM9yzj:2ZibJmDis+JzDk29yz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d0c21fa756a5aebc2fdfe8fdeb598772_JaffaCakes118

Files

d0c21fa756a5aebc2fdfe8fdeb598772_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Revalation\Desktop\2\MoonsteR Msn Freezer\MoonsteR Msn Freezer\obj\Debug\Revalation MSN Freezer.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 236KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 161B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ