27a6bc5e26cde6130c9dc7599a9d4cb8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

27a6bc5e26cde6130c9dc7599a9d4cb8_JaffaCakes118
Size

312KB
MD5

27a6bc5e26cde6130c9dc7599a9d4cb8
SHA1

907f84251e73cd0273366178a8c57b7999b80a97
SHA256

68834747dfaa8d131040c70ee0b35a02c97bb8a9b56a899e348d26bb58922891
SHA512

d4ffd3f9cad70370e9481304c8bf5b7f4670ab9caf47d6a1bda0dfadfca6a71fe4b05342d07c2a6a1c3942fc3df57a9b2a6447df5ed7bf880461e855b25a79f5
SSDEEP

6144:oZ323ZJJupIFjeneaK+yNriXU4AvoMw9qeDW:OmvripAD6W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27a6bc5e26cde6130c9dc7599a9d4cb8_JaffaCakes118

Files

27a6bc5e26cde6130c9dc7599a9d4cb8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Darky\Documents\Visual Studio 2010\Projects\stub-firstscantime-1\stub-firstscantime-1\obj\x86\Debug\stub-firstscantime-1.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 186B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 206KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ