178abb46d648e6466781777954e5d5e4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

178abb46d648e6466781777954e5d5e4_JaffaCakes118
Size

142KB
MD5

178abb46d648e6466781777954e5d5e4
SHA1

e59e19b20469f1ff97e813d87ee9cd88cb14eae0
SHA256

7495d000b3d29f0d416004b81ba0cc3a3b9a52ef259456891a5f5cc33aa7b9d9
SHA512

f0aa1398d18f54f40eb149eecc98cdfa58c49e6f6e47291f7a716ecd86cd6f29c93ed7ffb17c9391e7af1d48bea5b85c75efccc766ff1800589f706569306057
SSDEEP

3072:uAjVd1nut+uV2mTVDjFwkWl176jZ1hCagdQvPW1BEgLv:XVdRQ/vqkg1gEagdQHG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
178abb46d648e6466781777954e5d5e4_JaffaCakes118

Files

178abb46d648e6466781777954e5d5e4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\Programlar\mFd KeyLoGGeR\[2012]\mFd Keylogger(svchost)\OpenSourceKeyProwler\obj\Debug\changetosv.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 138KB - Virtual size: 138KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 156B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ