4536d57747f7ae4d9195fce53215668d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4536d57747f7ae4d9195fce53215668d_JaffaCakes118
Size

600KB
MD5

4536d57747f7ae4d9195fce53215668d
SHA1

576df31ef0e201f363ebe13308be79269237469c
SHA256

725e9278c5f2fa27bfa16213e2fc4bad54326c8bd7e6023c1ee2c09dab0bbf83
SHA512

5d36f87966fde0bb0c44c697acfcce729dd4ef279dbe318412cfea6dcc94b57b964060b0d2d9a3e500a54d6029114a00283d999b8c2a407ce9d869bcfa89821f
SSDEEP

6144:SiEbE7SpQ/vPANEjXB+FKu8XqoGpbB6skVG6zj4nZwxa7qCPnQwhkLm/O4ABAtm9:STbE76QINzmWb8tknu5Uki/OZRGoO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4536d57747f7ae4d9195fce53215668d_JaffaCakes118

Files

4536d57747f7ae4d9195fce53215668d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Gogy\Documents\Visual Studio 2008\Projects\Client\Client\obj\Release\Client.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 594KB - Virtual size: 594KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 141B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ