252060d57c716c97663988ccb19309ee_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

252060d57c716c97663988ccb19309ee_JaffaCakes118
Size

60KB
MD5

252060d57c716c97663988ccb19309ee
SHA1

c0d2b7f8cc72dd26e71e738bc36e31840a4e5e70
SHA256

5db01afabd55b585ed39ab50448c799a670a682dce10a082f47df727332775f1
SHA512

36346fd23782b6719817cdde7171cb73f1b10949bc65e004b334313d3407570f004da2ec4e999c207bc101f69a1abb12a941aa72b8e6d1774bd9ba0a9a654b52
SSDEEP

768:5/Cy/36aHavWUltWGfhVFzRUeYEURZk/I9OQaFTSRdCvSKbBGTIcsjPgBc3D1wdE:5PrUlPnJmEUnk/IlaURd8bBiLByUtS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
252060d57c716c97663988ccb19309ee_JaffaCakes118

Files

252060d57c716c97663988ccb19309ee_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Dokumente und Einstellungen\Admin\Lokale Einstellungen\Anwendungsdaten\Temporary Projects\Injector v3.0\obj\Debug\Injector v3.0.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 187B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ