eb67a5eb7def23f4845e2d7c0bc9ce47_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

eb67a5eb7def23f4845e2d7c0bc9ce47_JaffaCakes118
Size

322KB
MD5

eb67a5eb7def23f4845e2d7c0bc9ce47
SHA1

24f81ab30e582400cd0e8ef6d4d5247e2ad14009
SHA256

c6b3025551a7f4ebda7141b80c992318b371254cc344b7578e4de7fe3a1a0d44
SHA512

5c77474f2f886bb385b27ab93b0644db26b8b962daae67420234fd643c1a62a3aead4fd93161cf4d64428fe118279dc0665701e5e4538b86ca385966e16c6e5b
SSDEEP

6144:ghgiviOUBKnI+uk3tXKBNaEab5NGJvXWcaxyMeacGyEpvVhXO74ir8X5efiSJnnd:UgGZIWuutXWralNAvXWcN/GyoN5K4irN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/errorfix_45646Win32-64b.exe

Files

eb67a5eb7def23f4845e2d7c0bc9ce47_JaffaCakes118
.zip
errorfix_45646Win32-64b.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Users\Administrator\Documents\Visual Studio 2012\Projects\Project1\Project1\obj\Release\wene.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 293KB - Virtual size: 293KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ