b08b3e32d70824efc376be391784dc48_JaffaCakes118 | Triage

Sharing

General

Target

b08b3e32d70824efc376be391784dc48_JaffaCakes118
Size

1.1MB
MD5

b08b3e32d70824efc376be391784dc48
SHA1

5697e5cbdf89875fcde4e0138502e2c5fd5c2158
SHA256

cb3ec57389ef463a58a5721042355cda8d227c151ea528e949817534e214bdc8
SHA512

316887470946ab9d046d290f4ff4f7bc2dae1039e48d0c9d614992e23e56b6354260b8c477f374035aa68f2c2d28cd65c4cb46c20c3d34f6696bf65619eb08b1
SSDEEP

12288:6BkjXoeDZJ7Y4jhWaItUs9jS4/lMmmGvgwV9iSCnnRs3bCa8QHmaqOY3haOp9nHP:6CXo6ZVY4jqS5Q81RsfHmkY3t6L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b08b3e32d70824efc376be391784dc48_JaffaCakes118

Files

b08b3e32d70824efc376be391784dc48_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Administrator\Desktop\Client\Temp\jAXQwcOxXg\src\obj\x86\Debug\IEnvoyIn.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 745KB - Virtual size: 745KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 424KB - Virtual size: 424KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ