084bdc5981f004ebd2b0db45fad6f0e7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

084bdc5981f004ebd2b0db45fad6f0e7_JaffaCakes118
Size

576KB
MD5

084bdc5981f004ebd2b0db45fad6f0e7
SHA1

1f3b5a40ce256bdf06279aafb47131f2d40010ed
SHA256

a91761c10ebe01b8a7a284a03c523464d31656fc21eb497e10e70cb6438f71c1
SHA512

caa50a0e7986333cbad411247539b783c4ca254409efd121993eef1295917f49a10300f342857a0b8d4e2fe3fe22ec84c84a04cc86ff6fb0c72d1577d4c29c32
SSDEEP

12288:9D/bNV2dgy1ByCf8wPtqCCdT8R5TmAIZnbC/qE:9ff26Iy6Ntq/80bC/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
084bdc5981f004ebd2b0db45fad6f0e7_JaffaCakes118

Files

084bdc5981f004ebd2b0db45fad6f0e7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Dodo\AppData\Local\Temporary Projects\DodoInject\obj\x86\Release\DodoInject.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 568KB - Virtual size: 568KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 141B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ