df3e23725e706b3255325ff66a13f02c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

df3e23725e706b3255325ff66a13f02c_JaffaCakes118
Size

19KB
MD5

df3e23725e706b3255325ff66a13f02c
SHA1

0582011684bb1b238335585392d189e45e0484c0
SHA256

752062113aefb8d64e1f245f0039cfde7e35ca588146ea0facccf112f382c380
SHA512

5a9661b553b7860376de817885e0cc3ef2337bacd42d0e20cd874cfe9f67e544c5b48bf2d4e91aa94b7c74a94c57baf41be196c96ae77110ac0172f7905881c0
SSDEEP

384:3woEHTiL/xDAJQx+4bnWZyJLk24jXPl6k3XEAzj9iRYXqu:3w78NhbWA2XPH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
df3e23725e706b3255325ff66a13f02c_JaffaCakes118

Files

df3e23725e706b3255325ff66a13f02c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Documents and Settings\User\my documents\visual studio 2010\Projects\WindowsApplication12\WindowsApplication12\obj\x86\Debug\WindowsApplication12.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 205B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ