134f6603ee7be58307502b543b9a9d4a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

134f6603ee7be58307502b543b9a9d4a_JaffaCakes118
Size

20KB
MD5

134f6603ee7be58307502b543b9a9d4a
SHA1

97fa3012a0ab03c06766d1bb43bbf74beaf6b6e1
SHA256

2d12b60f70ddb89f4195be0860f425e8ad03ebe0a017ba22696ef66661369daa
SHA512

ca4f6010708198cd78e31286b6c88d69b39162ecf4b0a4cee332a7f953250854ac34d196b62107e1ac61b774c843a7650ec08e43e00e0bde9ccf623300bae347
SSDEEP

384:mhtmkQwEdJ1Ysj7XVN6kLX9wQV7I6d0H5D2RCYrejdlLSTE9:MvQNJ1Ysj7lN6k95dSN2RCiofGC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
134f6603ee7be58307502b543b9a9d4a_JaffaCakes118

Files

134f6603ee7be58307502b543b9a9d4a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\michael\Documents\Visual Studio 2010\Projects\K14rWorker\K14rWorker\obj\x86\Release\wworker.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ