1471a4f71e5b9e929489b56f58b4f190_JaffaCakes118 | Triage

Sharing

General

Target

1471a4f71e5b9e929489b56f58b4f190_JaffaCakes118
Size

134KB
MD5

1471a4f71e5b9e929489b56f58b4f190
SHA1

3bbe0885749bbffd89063a9e9b7998467692b634
SHA256

aed9a85f6c1cc885b43a24dbd43f9c36b6baaf05b5b904c42a4ef43b6f1773d8
SHA512

be7a96938a64665063dda0f1f5d9999aafdb2e2eee07e95356ed92f426af2ca135a6d838aaf09d9aa77af32ac70d477b6772939a6b4a82e00c1f6f386b148ca7
SSDEEP

3072:ytExij3pO5wUajYbgsYlPbQK2SGXKSpH:ywij3E5w1UbtusSyKSp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1471a4f71e5b9e929489b56f58b4f190_JaffaCakes118

Files

1471a4f71e5b9e929489b56f58b4f190_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\pawel\Documents\Visual Studio 2010\Projects\MyKeylogger\MyKeylogger\obj\x86\Debug\GHL.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ