de29922626935bda83898e8535d7db3d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

de29922626935bda83898e8535d7db3d_JaffaCakes118
Size

148KB
MD5

de29922626935bda83898e8535d7db3d
SHA1

601bdb47dabc3cd4a105fa57e382973f86f1a37d
SHA256

9001afe2407609b6cae0a68664e4a21fe43d8bc9498c96340e0462445f7738f9
SHA512

2206ac9afe2a4d31b8989290ac8c35f9bce2d80faca2d0389ed4c9f444bce16d0078b87dd6b41299ad6043b253611f365aee8e2c92c55a0e97a408d619cad11c
SSDEEP

1536:EiK1SyjbilyPlG2UJi7Lsftlao5AdU9scFH/2EoyHGTWtWP/HG8k46yAGLwQ/u6M:EiK1lbiUcO7wQcAof2xb/rPhkuzHQBh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
de29922626935bda83898e8535d7db3d_JaffaCakes118

Files

de29922626935bda83898e8535d7db3d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\vbD\VB6\Crypters\Crypters\Crypters\Outher\vb.net\James's Crypter 2.0 [FULL SOURCE+STUBS]\xStubRC4\xStubRC4\obj\Debug\samidz.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 183B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ