17ef67965cda4d2d2e48a227aae3f170_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

17ef67965cda4d2d2e48a227aae3f170_JaffaCakes118
Size

44KB
MD5

17ef67965cda4d2d2e48a227aae3f170
SHA1

2c42f6483b1a1999ff8425a1b16a7d02794a84c7
SHA256

4af1342e5be7194155b6ea7f9fedf0118c0fea08736567852ed5b3404d4fd52d
SHA512

99addbfe99a390fb51e3908d205d9c6d11b7eb515faf661f964a051e14da1b13431966539effbeed7ad16f3c232b0f58aa8801854018cf82ea3981c0f453e77a
SSDEEP

768:6NSJ4IdNxxLxsvvyNTZvhmv2oOsv1blmlbIE+ev9RYsdn3E4+WieHTFcm9a0k04H:1JtFpxsijh/oOKdgtXflxbbNHTS6YH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/KobacProxyTools.exe

Files

17ef67965cda4d2d2e48a227aae3f170_JaffaCakes118
.rar
KobacProxyTools.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 146KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
downloaded from crackingfire.net.txt