ef4cd7be5f6835598c09f3701cf68063_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ef4cd7be5f6835598c09f3701cf68063_JaffaCakes118
Size

103KB
MD5

ef4cd7be5f6835598c09f3701cf68063
SHA1

94d25221964ddcdc89fee8b71b8db6eb32a1a4b1
SHA256

1614d3c9bbf994eb74ad85c51dc1b06eb5891982590cf9c83f708990b32be9b3
SHA512

d872676e7c8f60069cc80063c0d1ed820f9ee1547c2d1a9e20e56055a7b729a86c14aeefb61a3748244c4109f44a18cc9dc8e5dba4508b924d27e4c832b57fc7
SSDEEP

3072:D6XynSKLwmmms3jD73WmWI/u9pUYBak+/jqqDc:DoySKLqmFBR+/Tw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ef4cd7be5f6835598c09f3701cf68063_JaffaCakes118

Files

ef4cd7be5f6835598c09f3701cf68063_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Projects\YoozyServer\YoozyServer\obj\Release\YoozyServer.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ