d58357e9837e216317dee11bcba276ea_JaffaCakes118 | Triage

Sharing

General

Target

d58357e9837e216317dee11bcba276ea_JaffaCakes118
Size

59KB
MD5

d58357e9837e216317dee11bcba276ea
SHA1

475c2dc5de7d435036eb2241a45d50639875aee6
SHA256

864c8b1111dbc9ff1335cee79ccde8a61d2225f59ed927c0d12715c21d4a5967
SHA512

e3a206ff4620f23a9f47d6ae4cf840834802e82c08a31703b0148f3bc04b9dca39fd126221bf9d3edd09947abb6cc05fdb7d5d01545bcf924c002444517e04b3
SSDEEP

768:0fTdZnpYsgZqO3ibm4G4095mOQ/gl0ZAaWAZrsy+Uli:yZnLHOylK95Wol0Z5/ZrsyLli

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d58357e9837e216317dee11bcba276ea_JaffaCakes118

Files

d58357e9837e216317dee11bcba276ea_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Documents and Settings\Administrator\My Documents\Visual Studio 2008\Projects\Keylogger v1 by hav0c1995\Stub\obj\Release\Stub.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 185B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ