ebe390bfcbb5f42743f3afffd42e92a4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ebe390bfcbb5f42743f3afffd42e92a4_JaffaCakes118
Size

768KB
MD5

ebe390bfcbb5f42743f3afffd42e92a4
SHA1

9ea3e67aa28494eb4aada55677261fa8af462044
SHA256

779496d78a781110f14cfd0cfd6986bffb2d420f775c0e3865a762040f49acb4
SHA512

dc5d6cd7c81a0948fad4f1ef6723b7fc324f8270e95e20f82d349d64db0c70acadbc3b16523f7431761238ce73cf784bee843a9055d344f5f29c22e7605b07fe
SSDEEP

12288:0f6WJdpn1Dfyvnf336eqqXdWiBZUuRWuOYqvq2D:s6WJdL23KRGCv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ebe390bfcbb5f42743f3afffd42e92a4_JaffaCakes118

Files

ebe390bfcbb5f42743f3afffd42e92a4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Roshan\documents\visual studio 2010\Projects\ConsoleApplication1\ConsoleApplication1\obj\x86\Debug\ConsoleApplication1.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 184B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 347KB - Virtual size: 346KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ