b3f9720fbf0a87810e1e3fd38c541de5_JaffaCakes118 | Triage

Sharing

General

Target

b3f9720fbf0a87810e1e3fd38c541de5_JaffaCakes118
Size

445KB
MD5

b3f9720fbf0a87810e1e3fd38c541de5
SHA1

25b4e24757d22e064a0e12e780aaaa8e367f71df
SHA256

20963aed9ff246e13e89c2d51c92dd11323d82a96a878c81e072c8d97f34f99f
SHA512

845443be498ec1a9ee514eeab37baa690abeae44ca07132c7af29602efbe1ad6dbc6de93fb67747c530d1c9e0d89a9be4865375db552bac2002dbe6677c24158
SSDEEP

12288:d+zapgnZ0nxoK8pcJFuaDWM6BPWVtFNV0dX:4zlCnx82bRS/WDLUX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/sec-checker v1 By SECURITY ALSHAAB.exe

Files

b3f9720fbf0a87810e1e3fd38c541de5_JaffaCakes118
.rar
sec-checker v1 By SECURITY ALSHAAB.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\جوكر واســــــــــط\AppData\Local\Temporary Projects\sec-checker v1 By SECURITY ALSHAAB\obj\x86\Release\sec-checker v1 By SECURITY ALSHAAB.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 849KB - Virtual size: 849KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 222B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ