eaac3d3454a700db4492ec0b263fb3f5_JaffaCakes118 | Triage

Sharing

General

Target

eaac3d3454a700db4492ec0b263fb3f5_JaffaCakes118
Size

108KB
MD5

eaac3d3454a700db4492ec0b263fb3f5
SHA1

6de16004d38dd8ae1718e1e30c014e99b997a7f7
SHA256

1c7aa56525a0d58a05b4262004972b780e2ed8a5cb7cbd80ad172e5d096b502b
SHA512

bf22aed53b45aa64fda89bc3f69c64bd1846b38f4d0d28ed37047c09f9b779434e9530def1fffc0f4ce16f1543fa3415b311fa255a4c23b281c5a9f226e3679d
SSDEEP

768:+NZA49tiuvKq/ORIy3QVKrbmh9jODxJdX8l5OEXUFn:MZYuvKquIygVVkDDdMFX4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eaac3d3454a700db4492ec0b263fb3f5_JaffaCakes118

Files

eaac3d3454a700db4492ec0b263fb3f5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Ryan\Documents\Visual Studio 2008\Projects\InjectPlz Refresh\InjectPlz Refresh\obj\Release\InjectPlz Refresh.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 174B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ