e23a50f52c3c9b2976ae32dca5b424f4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e23a50f52c3c9b2976ae32dca5b424f4_JaffaCakes118
Size

570KB
MD5

e23a50f52c3c9b2976ae32dca5b424f4
SHA1

19dbb171e1b62111a9901ea263093285dc95ea3d
SHA256

9122629484d049c40c7140be70efb3f3c125d743c1ac2b8a1b7bfde5b4bcf77b
SHA512

6f87e2ab7e06536ab9ccc7486dcc904ec4fac865c9ef683244bc7082e18e66b61003b6136a60a09012df74858d91839aaefb10eec52c78ec0083aeb19911ae40
SSDEEP

12288:BmeYO1nvA2vUuZNlLIMWgHKN4qCPCPNSblbPylJfKYO7:pt1nvAMxU1gqeqLPNShKJfU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e23a50f52c3c9b2976ae32dca5b424f4_JaffaCakes118

Files

e23a50f52c3c9b2976ae32dca5b424f4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Benjamin\Desktop\Dossier des Crypters\Code source Kurtix crypter 2010 [Devil Edition]\Bombe\obj\Debug\Kurtix32.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 204KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 364KB - Virtual size: 363KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ