d6f9fd8a8720a51076be8f7b25278d4b_JaffaCakes118 | Triage

Sharing

General

Target

d6f9fd8a8720a51076be8f7b25278d4b_JaffaCakes118
Size

478KB
MD5

d6f9fd8a8720a51076be8f7b25278d4b
SHA1

1ca7cce3fad42b219702975306f3d8e6d62cf6e6
SHA256

805d22047aa58968b27b172380eef58877f5b96177d21c77e3dd16fe891bce0b
SHA512

0c973ce58e4aa0645f6b5f193e91e5e356a3956e08f054a08b44b41759bc383c3c60f9c0f5bc3db2225fd9a3097e945fc88e6c1e42c12cc0b31612219a5b69aa
SSDEEP

12288:e9jBgFYsPt4Hp9ujwkSBv7Gz5dbMi8nPgOz6JQrrWM7vFnifpGZ1X3WAr+ybzxw4:erg7t4Hp9ujwkSBv7Gz5dbMi8nPgOz6Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d6f9fd8a8720a51076be8f7b25278d4b_JaffaCakes118

Files

d6f9fd8a8720a51076be8f7b25278d4b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Administrator\Documents\Visual Studio 2010\Projects\i'm_your_god\i'm_your_god\obj\x86\Release\i'm_your_god.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 172B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 413KB - Virtual size: 413KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ