dab852f28408edad268db9320aa4d636_JaffaCakes118 | Triage

Sharing

General

Target

dab852f28408edad268db9320aa4d636_JaffaCakes118
Size

379KB
MD5

dab852f28408edad268db9320aa4d636
SHA1

9711b129bf337f5168b76b3cee1a683a9e7c37c6
SHA256

45c2c42759b62ef8b29b31a837ef24c64ffa09e071ebd29f2cd88fe0fd1701ca
SHA512

f429d55c873be3e7417ab60900a93e8387b6f5aaddca4377b542ea8221825da840ebc0886d807e9b09c2933c32404c4830868d9405438a0f6230259983222c23
SSDEEP

6144:yYM3IFZiYe53K7SfUtotwvb5fQJD1kvxIdQNRyfq9PJj1B+OEah8L0aK4P5Jj:yVIFZqK7SctnBm1ieQxJj1Buay0aLBJj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Injector Version 2.00 @MPGH.exe

Files

dab852f28408edad268db9320aa4d636_JaffaCakes118
.rar
Injector Version 2.00 @MPGH.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Ahmad\documents\visual studio 2010\Projects\Injector Version 2.00 @MPGH\Injector Version 2.00 @MPGH\obj\x86\Release\Injector Version 2.00 @MPGH.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 204KB - Virtual size: 203KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 209B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 262KB - Virtual size: 261KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Injector Version 2.00 @MPGH.pdb
Injector Version 2.00 @MPGH.xml