fb8e2acb76199a2210a7eb4861ce445f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fb8e2acb76199a2210a7eb4861ce445f_JaffaCakes118
Size

40KB
MD5

fb8e2acb76199a2210a7eb4861ce445f
SHA1

886c8ada4b969b9289c5ac943368e0938036ffed
SHA256

e92c8b8a841c33c0d634bcd5925b7bd1fd91dde954b66594e4130cb08bc52beb
SHA512

38713032e7e05173abc6a121a97ed85d72f769934d4d6bb464baf15062030d8a36460c79002a5818e0c11e45fa43a77048dbc20fd6ba365434dfc26941fd3c86
SSDEEP

384:I9rJ9c9mVW43yEcZlUjAg54pkCM8BBOKlfNxQZ2a93DyD8TtoHCvAd/qf:v9HycB/Ni2apm8TCHLqf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb8e2acb76199a2210a7eb4861ce445f_JaffaCakes118

Files

fb8e2acb76199a2210a7eb4861ce445f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\ASP .NET Sources\PasswordKeeper\PasswordKeeper\obj\Release\PasswordKeeper.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ