74780ce2d7cca50a2e02d895f16b7646_JaffaCakes118 | Triage

Sharing

General

Target

74780ce2d7cca50a2e02d895f16b7646_JaffaCakes118
Size

686KB
MD5

74780ce2d7cca50a2e02d895f16b7646
SHA1

a1ac8a1ad30801415c85e92522009acfbbecc647
SHA256

4a683c5439a91cd97ba2a68258528f2aa4e640a650219b2ccd3e30468062cc83
SHA512

958d5447306cb0b51ecd2a70d954ba12a440bc834284783301d95b1a98474c93f4cf8cbcca52819ddb5907d174ae56685cfd6d402e5f8239fa6995a003ad8dbf
SSDEEP

12288:A0yjePRkouFP8gpfJOZ9autdjvP/OlYYONpNqEayhK:hyCbutx0zau/gZOJa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
74780ce2d7cca50a2e02d895f16b7646_JaffaCakes118

Files

74780ce2d7cca50a2e02d895f16b7646_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Alexandra\Documents\Visual Studio 11\Projects\02.20.2012\Safiucutine\Safiucutine\obj\Release\Safiucutine.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 586KB - Virtual size: 586KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ