f0c0f12526d70bce78cb1040662e4fc7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f0c0f12526d70bce78cb1040662e4fc7_JaffaCakes118
Size

116KB
MD5

f0c0f12526d70bce78cb1040662e4fc7
SHA1

0b5473799fa3d94e2c1405fa2222720149cd3066
SHA256

5522d130930494e11d3128901a6e3e35095e8f7ad38200f5b678b983bfd0f6ac
SHA512

842910f109a7cf298b5a959b0f1ec859a4f21e22bd8754b03a84b5060bc32ccfe594b17bb5a988a4834049de51f0aff80b28dcbe6312d9e008605f64e151ddc8
SSDEEP

3072:/etMZBG2wVtBCPIfcbN36B3moiVMQdOR0v3S2mSgHs41MF7:/NEUNKB3aMH+/S2jgHs46F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f0c0f12526d70bce78cb1040662e4fc7_JaffaCakes118

Files

f0c0f12526d70bce78cb1040662e4fc7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Arturo\AppData\Local\Temporary Projects\WindowsApplication1\obj\x86\Debug\WindowsApplication1.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 159B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ