40e629b707cf6cb5c024a53201ad05a1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

40e629b707cf6cb5c024a53201ad05a1_JaffaCakes118
Size

11KB
MD5

40e629b707cf6cb5c024a53201ad05a1
SHA1

62b498a64d9c1fa65208286b660e2f2870266fc3
SHA256

26a2bb5e955bd8ba7c35c9136f3d850b750d4b07a1708e542868bd530f0a465d
SHA512

3e3846c843b17e7ce3b19a71c8d16df1bf659af2e45cf26a7d325056d72ef3ea744404d9932fa5af6786f9bbcf91859fc8e684cab0d670f09ba89218298e2108
SSDEEP

96:7G49LBInBOTsQlBpHNrwsMdzoTDMQbSegJitANQc5BZLz4lU307Jghb/UYUVC8Ir:7GkMdqhgJocLZ3+i07mhU5TNfW7P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40e629b707cf6cb5c024a53201ad05a1_JaffaCakes118

Files

40e629b707cf6cb5c024a53201ad05a1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\jensc\source\repos\L33TRobloxClothingStealer\L33TRobloxClothingStealer\obj\Release\L33TRobloxClothingStealer.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ