03589e5a2a7175fa34c57a3bd21da41e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

03589e5a2a7175fa34c57a3bd21da41e_JaffaCakes118
Size

82KB
MD5

03589e5a2a7175fa34c57a3bd21da41e
SHA1

5fb63504149d210179ac46f1d8557144c37ecfd8
SHA256

af0a3f5966c9e02344b1f9d6fc55b0a67888622ad80158d26cc86cca855838ec
SHA512

d6cfcaa2b4e3fc91bcfd929a1625b57f27891d4751432e02ca3c4eb318d4f4de358dad8c46f31d98c25ab3ef270d6aa0c107bd9c2ba264786d8398097e270441
SSDEEP

1536:pPyxjp/tXx8SJKjL/Kb1ndsJSrJys9bRau+gb3QtKO+:pmVBJ8jLWndsJS9ySRZb3QgX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03589e5a2a7175fa34c57a3bd21da41e_JaffaCakes118

Files

03589e5a2a7175fa34c57a3bd21da41e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\asus\Desktop\Quasar\QuasarRAT-1.3.0.0 - Client - kopie - kopie\Client\obj\x86\Debug\Client.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ