0ed398a4d031b9cfb10e3fedf97ad836_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0ed398a4d031b9cfb10e3fedf97ad836_JaffaCakes118
Size

600KB
MD5

0ed398a4d031b9cfb10e3fedf97ad836
SHA1

5c56fa5d01314c7c9ba9000611e23f9c9bf8f5ba
SHA256

acf6df2514ffa996d91f934046560258cfbc9c1bbdd08d26c42b933f561c1c73
SHA512

4b61736ded6b9d76b67b1b79a3bfb1c20b08c57e3c984fb95436b660fde95893d4baed2ebf4b660f97211c7bb742b2d132defdb2472642c12a729ac591f57ddc
SSDEEP

6144:jTVz3zVkW0nLbO9UJUQTFgNZUjQGp5hWptO6B5EvXHCCnhmC8MX6rdfwifsyzfYZ:XdjVkWmLHhWpth6XTkC8Mq5ZtY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ed398a4d031b9cfb10e3fedf97ad836_JaffaCakes118

Files

0ed398a4d031b9cfb10e3fedf97ad836_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

H:\My Data\My Programs\Windows\Microsoft\Microsoft Office 2010\Crack\My Tools\VSProjects\AutoKMS\AutoKMS\obj\x86\Release\AutoKMS.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 234KB - Virtual size: 233KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 365KB - Virtual size: 364KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ