11c381e5da5ac1fcdb0f6aaeed81f1d1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

11c381e5da5ac1fcdb0f6aaeed81f1d1_JaffaCakes118
Size

344KB
MD5

11c381e5da5ac1fcdb0f6aaeed81f1d1
SHA1

75ae7c673f0a7b69b019ea32139451abbde2a3bc
SHA256

86cb995484ede0ab66d7d4f3137473f91a72284b9c32f9f504db8c156f571afb
SHA512

1fddcd46934523c62ad23e33bd76cd599695db275f76821c40ffacb3cb8db4e952251683019b65f1db767916cc7461932c5bd0072cf7fb7dd2a9cb80b6217ead
SSDEEP

6144:xNZWhMq+/dWbkMhfAhGHFh7YtkieiCadd0+peb2eldQ6t9JUkj1RyRGzjheduL:7ZKMLVWbkMhOGn7L7inddPebRLLWGzji

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11c381e5da5ac1fcdb0f6aaeed81f1d1_JaffaCakes118

Files

11c381e5da5ac1fcdb0f6aaeed81f1d1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Users\Windows7\Documents\Visual Studio 11\Projects\Old\Banii\Banii\obj\Release\??.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 299KB - Virtual size: 299KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ