569836e8dfcace744163a000d7f00ee7_JaffaCakes118 | Triage

Sharing

General

Target

569836e8dfcace744163a000d7f00ee7_JaffaCakes118
Size

2.3MB
MD5

569836e8dfcace744163a000d7f00ee7
SHA1

5f58ae8450b0c2cdda87adc80cabb390f50f35ff
SHA256

e2a3149d18203f95828ad74f60f727bba1f17b1b5f46065286503b8b5c60a99c
SHA512

dded2c79c56bb692073733231614b1f84969c5461e4f9628212b220a5158b20dbfe687320da7ef3bdf0df77d03c63bf8c42c45bd937fd99b1c32a211d4b2dda3
SSDEEP

49152:MehBswx41bdH/dCIeD4L6OIlZWmJ6q5DEp9:3fzx4ldFCx4L6PZ95DEn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
569836e8dfcace744163a000d7f00ee7_JaffaCakes118

Files

569836e8dfcace744163a000d7f00ee7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\USER\Documents\Visual Studio 2010\Projects\Yf840mo214oJ23w\Yf840mo214oJ23w\obj\x86\Debug\Yf840mo214oJ23w.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 400KB - Virtual size: 400KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ