dbeeb4793f114338fba0808df9c3986f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dbeeb4793f114338fba0808df9c3986f_JaffaCakes118
Size

61KB
MD5

dbeeb4793f114338fba0808df9c3986f
SHA1

5ab8edd0f93343e65ddce78035d94e471b453d42
SHA256

60f89f38103b3d97cc70de1cf39fd54ed2df112e61f81bf4e9993d82a516a135
SHA512

7b340ccd152f4efa5816e9ac1dfe26b5e8da3e3555ca22d9340523add41d9abd362be68d254241c947f6be4671f0edd2bf09fa9f6e3ecf1756917e6925af5392
SSDEEP

1536:tGt0BYT++OjFXL9U6GFU2INuycPsUflkvRjfwRkGkjxc4Brg:tHBj+OjFBl2INhjUsjfwROxcj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dbeeb4793f114338fba0808df9c3986f_JaffaCakes118

Files

dbeeb4793f114338fba0808df9c3986f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\inmate\Documents\Visual Studio 2008\Projects\crypterstub\crypterstub\obj\Debug\crypterstub.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 156B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ