eac34eca3774548ae8940f478e55fb0b_JaffaCakes118 | Triage

Sharing

General

Target

eac34eca3774548ae8940f478e55fb0b_JaffaCakes118
Size

559KB
MD5

eac34eca3774548ae8940f478e55fb0b
SHA1

66869db73cf85e9288a13e6433e212c9d52feb2d
SHA256

00ace81a9b0d5712f950f9c3c0a94bb7e9b1a79fb61dd61be5a82752786ff238
SHA512

5eb36d031564aea9e9067a2030581c32fded7423c9b6a59f343701db26846ee2b42e4dbe08b6c215bc16189d8b32e13ac54f517917fdbf29d7f6cf3dba573928
SSDEEP

12288:RkI0NeA8sTQaS2Gkv28yS6Lfgd/HwA5GYp:90AJO1QSQIp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eac34eca3774548ae8940f478e55fb0b_JaffaCakes118

Files

eac34eca3774548ae8940f478e55fb0b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Patrick\AppData\Local\Temporary Projects\WindowsApplication1\obj\Release\Update Loader v0.5.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 191KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 157B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 366KB - Virtual size: 365KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ