35f754da3114d3bb47b31bf54394084f_JaffaCakes118 | Triage

Sharing

General

Target

35f754da3114d3bb47b31bf54394084f_JaffaCakes118
Size

820KB
MD5

35f754da3114d3bb47b31bf54394084f
SHA1

5340ca0a0d3182ba2e3a5032a781ebbe47572406
SHA256

633620e0cb1988ec5000a6245f0e1e7ba86b2d75dd97599ef99d2faa5f88c875
SHA512

eb7cd523b688e9192d8010bead93d630da637859ca506d4af7a4208f48e57bfa33ef10abe804fd9bcd027754bf3053b5e9603d58999a743e9e3f0fa89790b7c3
SSDEEP

12288:FmTgU2kvaQ/UKC9WaMq8RdE5U0d9eBgUh/YBHK7z4zKbolL7F:FmTgUHlrfdE6a8gUh/bSKboH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
35f754da3114d3bb47b31bf54394084f_JaffaCakes118

Files

35f754da3114d3bb47b31bf54394084f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Administrator\Desktop\Client\Temp\moElvqJCHQ\src\obj\x86\Debug\LoopTim.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 613KB - Virtual size: 613KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 206KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ