cybergate | eb3ce7f0d647f239a159167907f836a3_JaffaCakes118 | Triage

Sharing

General

Target

eb3ce7f0d647f239a159167907f836a3_JaffaCakes118
Size

1.6MB
MD5

eb3ce7f0d647f239a159167907f836a3
SHA1

42cc9c03c91e6f2b600d7dc253b504243ba7f4ca
SHA256

0e077e4f0a8d3577842cb795c8571937db45b057501e33e9d869b0b8f6b82159
SHA512

6c249b58a1fa0fda66067c2c8b2d3ac9e82186a49b46f56aa7d7524e9093ff2e9fb3d78a1e363a68cfb3dc44460a466cf1ed9a88bc089c86190878a3dc02f441
SSDEEP

24576:Jx03nIlcXgYZhukuphb03nZupGxe9qee4fjV/9OklU:Jx0ycXgYWFX0cz9/e4fPO5

Score

10^/10

cybergate

Malware Config

Signatures

Cybergate family
cybergate

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eb3ce7f0d647f239a159167907f836a3_JaffaCakes118

Files

eb3ce7f0d647f239a159167907f836a3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Giovani\Desktop\Exploit Binder\Exploit\Exploit\Exploit\obj\Debug\Exploit.pdb

Imports

mscoree

_CorExeMain

Sections

.ADIF
Size: 512KB - Virtual size: 512KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.s
Size: 512B - Virtual size: 138B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.
Size: 145KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ