f0b83183af8f1fa05fe6134bd4ebbd4d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f0b83183af8f1fa05fe6134bd4ebbd4d_JaffaCakes118
Size

196KB
MD5

f0b83183af8f1fa05fe6134bd4ebbd4d
SHA1

09074267ea55126096ce864798f734e9c51a65ad
SHA256

cfe3e07eec16c6b6dd4f3a58bab5ce376a1065587b2e51c084954c5254d53f9b
SHA512

5106c5582a051e72de5381f4a4abe76578c1ed5babf18e5eff6845d38b9ea100bc8d4a5f9fffcf7770d10f478d1bddf33c9066b74269555e0b662d10d449fb5c
SSDEEP

1536:4NAUtkt02HQwyLpBaWW9Q4rXxlnhuZyxkNgUKVET26b+XD3Pml0o0cRv9AGTDXIt:qltkzwwqy9hXrhm1QTPmlp0Iv9zD3NYx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f0b83183af8f1fa05fe6134bd4ebbd4d_JaffaCakes118

Files

f0b83183af8f1fa05fe6134bd4ebbd4d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a84c3b6597d7b10acbfd7356342c8c27

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\usuario\Desktop\DC\Microsoft Snow\Microsoft Snow\obj\Release\tabla.pdb

Imports

masketu

_CorExeMain

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 158KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ