fae17a86679813a34b1bc30abfd606b1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fae17a86679813a34b1bc30abfd606b1_JaffaCakes118
Size

69KB
MD5

fae17a86679813a34b1bc30abfd606b1
SHA1

54b73b2fabd541fd95bf00b9166a21e6f4879611
SHA256

40ef0e56580e6ea99e83385891440eb71202e17b03a06e422942bb5fe2e75249
SHA512

46c6ec10d8cfd1c12047c48e8024b67c21ee091b0bd6bc66c69f45732433d70080666f2c6603eb9cb5346217f1c41e19a0d0d3774347c3aa813a809ebf13b417
SSDEEP

1536:3dl7kG0KBM+6/8FK9sPORgl2o7vaVvu9nQ45Skh+42Cv15uK+yZj0jWBJLXM+7JV:3dl7kG0t42CN5n+ukWBJLXNzDzTDYzD2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fae17a86679813a34b1bc30abfd606b1_JaffaCakes118

Files

fae17a86679813a34b1bc30abfd606b1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Documents and Settings\Paolo Piselli\Documenti\Visual Studio 2008\Projects\WindowsApplication1\WindowsApplication1\obj\Debug\WindowsApplication1.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 204B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ