ed43af7b193ed81c6e26a32b94e85059_JaffaCakes118 | Triage

Sharing

General

Target

ed43af7b193ed81c6e26a32b94e85059_JaffaCakes118
Size

207KB
MD5

ed43af7b193ed81c6e26a32b94e85059
SHA1

8967043155e61090caa4f1ba6b52395c1da08f17
SHA256

10887d73d64c6dddaf82a238733c5b6846b596bc74038a16b963c5c08e9136bd
SHA512

251902a4332ef45676a11d0c8563b0752405075a6eab2239f818aa9a8db1bbd691cfe48d3d9cd6daf44c8c0a11b60deb52aff856328e00299f89d7b938523584
SSDEEP

3072:DG6kSNbTtLW5D8+vIyNsHNwWSSqS7fp8ECaPKbIwzq+aFdLO388SxOjbUj6wSzOZ:xNbTtLW5Dp2HNwKY+Kb6gUtvIU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ed43af7b193ed81c6e26a32b94e85059_JaffaCakes118

Files

ed43af7b193ed81c6e26a32b94e85059_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Home\Documents\Visual Studio 2008\Projects\Stub\Stub\obj\Release\IvW9PEZOBg6nZAzLjKr94L8v5J3i9fvbss6OSHx5nW8h9kSd0BWCsDJ1Z0pMFVUjDl7NgalIHD3j6025W9JL2.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ