da6db4c6fedb739f31bd60bddefd1107_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

da6db4c6fedb739f31bd60bddefd1107_JaffaCakes118
Size

964KB
MD5

da6db4c6fedb739f31bd60bddefd1107
SHA1

d1d50fff4779d12f7df0ba55b83c38cbdffaa5ee
SHA256

733ff3d4465bc58093ab6df891165a1927038ed7b1444792f5ef55f224437be4
SHA512

1b551a22f92026b727456c057aece0d1fa4380e7fea5704921a928dd1dfe07bf9c8d2a92b69aecd7fbad7fd01404c11e22be74b9aaec981ad1be62713135ed6c
SSDEEP

12288:qwyGW2GROyGW2GRWyGW2GROyGW2GROyGW2GRo1ySG2GR:by5Oy5Wy5Oy5Oy56yV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da6db4c6fedb739f31bd60bddefd1107_JaffaCakes118

Files

da6db4c6fedb739f31bd60bddefd1107_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Eddie\documents\visual studio 2010\Projects\ModMaker\ModMaker\obj\x86\Release\ModMaker.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 814KB - Virtual size: 813KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 149KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ