fa854fa70122f1bec5b926705e613917_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fa854fa70122f1bec5b926705e613917_JaffaCakes118
Size

28KB
MD5

fa854fa70122f1bec5b926705e613917
SHA1

6d37560f663f3e4bd1f44ee15fabc8ec229613d3
SHA256

d765530e23b8c86341ef4a76d03b3e6be443750b2f4509f07c9f985edfaaf11c
SHA512

dcd5dee653371e2998218f31b044bb07147e772d3d11f6b35a4c0790488b754d6e3fed7edf9f5ed67379c5f92417d8218baff133535d03640c6c2b1d4eafa92c
SSDEEP

384:KlYxdpKulndX98tLsYsJmQADfIPHupvt4s+dKnZ5BLtp2iW0jI9pLz9QfIuTHRCC:bKuRJ/AEPHu58sT1r2i3I9DcIsCH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa854fa70122f1bec5b926705e613917_JaffaCakes118

Files

fa854fa70122f1bec5b926705e613917_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Win7Desktop\documents\visual studio 2010\Projects\WinYabmServer\YabmClient\obj\x86\Release\YabmClient.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ