146a016ef93a3fc1b5580bc953fac138_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

146a016ef93a3fc1b5580bc953fac138_JaffaCakes118
Size

419KB
MD5

146a016ef93a3fc1b5580bc953fac138
SHA1

b137b8d46b763b1caa0da25471b18a62c252f01b
SHA256

e5330722af5832b464d7d01e3e72bd82ef9f35af3656209bb79db4cea080f2e6
SHA512

ef825d5ce086dc5ee830d604d60b4e9c5f6d2e4e1ea103bd0142d061fafe279bbd219d1a3a7a106c22e693806aca2dc177e3a44805e8c014f5f6e4a90e96a093
SSDEEP

6144:hhDosnHRy2TNCk9qaf/oVUOIlGLQia1lLqf9P+PbUvOO3a32fwD:hhsmy2T/9qaEKIHa1l292byrE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
146a016ef93a3fc1b5580bc953fac138_JaffaCakes118

Files

146a016ef93a3fc1b5580bc953fac138_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Documents and Settings\Owner\My Documents\Visual Studio 2005\Projects\NovaCipher_Loader\NovaCipher_Loader\obj\Release\NovaCipher_Loader.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ