3ca537ad587a8588bbec2fd9c05afdbb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3ca537ad587a8588bbec2fd9c05afdbb_JaffaCakes118
Size

108KB
MD5

3ca537ad587a8588bbec2fd9c05afdbb
SHA1

8e0035c5511c8818ec724d1eccfbfde7437553fc
SHA256

234680d5babb7cb35ff5219b85f19b51be53a3bb356f9ef722d7fb2704e678a2
SHA512

379c232c39bd5792c2e59ebbcb47158658669f3d12c42b33ef49d93888a67c5c2f41f1493cb2816b550736a51e47ae4468a98fa77e5d8087506d0e716572642f
SSDEEP

3072:tz8IRr9n+t/pcrYB5v2gBCrvJ6l1cWCm+9j:tz/r9+o0EMl1ca

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ca537ad587a8588bbec2fd9c05afdbb_JaffaCakes118

Files

3ca537ad587a8588bbec2fd9c05afdbb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Koki\documents\visual studio 2010\Projects\123\123\obj\x86\Release\123.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 136B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ