cybergate | 08f928f9a834f6b6433f6011ce48a19b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

08f928f9a834f6b6433f6011ce48a19b_JaffaCakes118
Size

2.3MB
MD5

08f928f9a834f6b6433f6011ce48a19b
SHA1

bed5c8484d435cba2725f3183a5d1e6f2b4a318e
SHA256

e2953ccabab05486136de7663b727b57818195510f2811a690d897b17541dade
SHA512

90dffb85a9095162966e256bfacb1a3b263ad4351d7072308faf12381560b6586ffc5eaaf27409e9ebf12383adf8317f54620e489a9eb9e65b0f367560a19103
SSDEEP

24576:Rslbd474mfqRebSAqEpl3KGdsd4ds6fDOB7OTDriYiQ6IVVYj/ZBuGAV1S7MMV:RslOPfiGSj/rlAV1aV

Score

10^/10

cybergate

Malware Config

Signatures

Cybergate family
cybergate

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08f928f9a834f6b6433f6011ce48a19b_JaffaCakes118

Files

08f928f9a834f6b6433f6011ce48a19b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Dokumente und Einstellungen\CaMoTraX\Eigene Dateien\Visual Studio 2008\Projects\Stub\Stub\obj\Debug\Stub.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ