e7d5590191b50341e50c831c4c3ccb16_JaffaCakes118 | Triage

Sharing

General

Target

e7d5590191b50341e50c831c4c3ccb16_JaffaCakes118
Size

306KB
MD5

e7d5590191b50341e50c831c4c3ccb16
SHA1

0e048dabc8b21f15918e306652dab2e630a3bf45
SHA256

5af17d13c3e916217850f653e93ff6551f2e2da64506ec4362f38396c7d2d2df
SHA512

584fe16ca896cb95562d66395a4e7ad9fa7bef5297a176bc4bcb35dcb10eb9b121949e6340a7ad4bc53dbbcd3a0b31117c3f78d0e7c03a7fadb8220892ee0639
SSDEEP

6144:lKRlfdLQsZ8KRlfde8jZ7rvaU3+mWrovXoSR:M1LQeFzFToSR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e7d5590191b50341e50c831c4c3ccb16_JaffaCakes118

Files

e7d5590191b50341e50c831c4c3ccb16_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\FEDERIKO\Documents\Visual Studio 2008\Projects - 2\Server Undetecter\Server Undetecter\obj\Release\Server Undetecter.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 182B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ