d998cc85e38b59f307aafe9eee811881_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d998cc85e38b59f307aafe9eee811881_JaffaCakes118
Size

70KB
MD5

d998cc85e38b59f307aafe9eee811881
SHA1

3e0bb9b6e5390c5f7ea1c3a9532ae86db2fe7903
SHA256

444fe28759d98643a6b739beca13dc4d4becc7380af665b221e430e90c5402ec
SHA512

b38de6b467d383752c65643093a4935ede777a12d9d3ae6cb7ce9516addf94fa4afccaa81d78d2edd03d4938e1a9b57fe333d533fdb575bf724691b0edba26cb
SSDEEP

1536:hMPn1CTmT9BwVvRmNGc/czHZDxlzGcNp1yXFz5D8HafdUafd4Or:I1M2o+B/2HRDzGcNHSl5D8HafOafaOr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d998cc85e38b59f307aafe9eee811881_JaffaCakes118

Files

d998cc85e38b59f307aafe9eee811881_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Documents and Settings\Berk\Desktop\SC\dependency\obj\Release\Cursor.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ