711486a19e8b011528dee34a5d25776e_JaffaCakes118 | Triage

Sharing

General

Target

711486a19e8b011528dee34a5d25776e_JaffaCakes118
Size

140KB
MD5

711486a19e8b011528dee34a5d25776e
SHA1

7e131940fce4d157d0a338b8285e8e2298e8677d
SHA256

880823dd9df0ca6047cd829a1031e8a167ccec0629fdeac40a097dd555debf7c
SHA512

9213dc1b1ab70e6672e6bef43a50125e7752de303ddbdbfc5b395f3b228363dd57c036befb21c83945207954575b90021af0d4e1f6872253c20475f3dbc4e894
SSDEEP

1536:rcQx/fZwezQjUho9JdZ582xHcocSVwVcl:IA/RwecEo9JdZ5rxvdVqY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
711486a19e8b011528dee34a5d25776e_JaffaCakes118

Files

711486a19e8b011528dee34a5d25776e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\polem\OneDrive\Desktop\Ransomware_visual_items\Rasomware2.0\Rasomware2.0\obj\Debug\Clownic1.0.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ