d734ae734a13c66c67a57697ea4a6aa6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d734ae734a13c66c67a57697ea4a6aa6_JaffaCakes118
Size

1.4MB
MD5

d734ae734a13c66c67a57697ea4a6aa6
SHA1

62d2296b9748317c58972f8a7a54c860e5f2cf56
SHA256

08a5e1b01771878554b48fef99f93544ed13a09be907ced03cfda12274f0bfdb
SHA512

3c6e1558526d840f92b6d031cc775741f223d416084540cbb47ba1a66f3deb764d39f8aa24f78c99f2b6e48ddf162a7af56f7ad8bcce0dda6e3bdc09142047c1
SSDEEP

24576:XYUMFYrufUFirJEK3IB8tNddIQd9mxhlklf0tOPL8SaAhraTn7LQPgXBiGAg/AF:XdYYrufUQryPBcNddIQnmBEfBL86anLa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d734ae734a13c66c67a57697ea4a6aa6_JaffaCakes118

Files

d734ae734a13c66c67a57697ea4a6aa6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\artio\OneDrive\Рабочий стол\launcher\Launcher\obj\Release\Launcher.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ