da1bf9c09f30c98f3fd07861bd0636f7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

da1bf9c09f30c98f3fd07861bd0636f7_JaffaCakes118
Size

25KB
MD5

da1bf9c09f30c98f3fd07861bd0636f7
SHA1

ced5a036670ad0dcca447be8648e6ed0ef408d65
SHA256

0ac74ebb85d506cb100dd5e2880b6f44bf5656c55dd2727f0480ffe56af388e8
SHA512

f6981d81618dc5173fd73c3e123cda7768fb246a03aaf6781a8edb3f40aa1ef8a66a98c633dd581465041f95040909049e1dc4cc40db54a9cebaf3faee4fe027
SSDEEP

384:sf5XGCpoEEAwRtu9A8Ld1mPlMs/5W4DJLk24jXPgc6k3XEY85TpundwBgXyr337/:EPp7nBA8Lvs/wE2XPg3jr3a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da1bf9c09f30c98f3fd07861bd0636f7_JaffaCakes118

Files

da1bf9c09f30c98f3fd07861bd0636f7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Documents and Settings\Gogoli\my documents\visual studio 2010\Projects\WindowsApplication15\WindowsApplication15\obj\x86\Debug\WindowsApplication15.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 207B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ