140c578a418a38359a4ed87ae306f6c6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

140c578a418a38359a4ed87ae306f6c6_JaffaCakes118
Size

123KB
MD5

140c578a418a38359a4ed87ae306f6c6
SHA1

06647cbe060ae419dcf6737320510e87946b9b22
SHA256

042a99e7ba833f7c10817366a063ab110b08ae78072baad5172bb6e05ef1b981
SHA512

b2ce359c28c40e515e4d9a5271c6e1604e915a2a464de81e45426473e97d9f9a82c58d81050f34c7ab12b282b87b3ba027102773815e118588ccf8828b633c79
SSDEEP

768:Ki5SfSAN4zdK6JIO0/jPyY9t+rgNWm06t5nh3lGDzIZm7D7aLgv6:dSjC1JIFjT+rgg2k8s7aLgv6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
140c578a418a38359a4ed87ae306f6c6_JaffaCakes118

Files

140c578a418a38359a4ed87ae306f6c6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Documents and Settings\Admin\Мои документы\Visual Studio 2008\Projects\rifa\rifa\obj\Release\rifa2.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ