cdedf79a0a0bc6535e4c89124beee5c8_JaffaCakes118 | Triage

Sharing

General

Target

cdedf79a0a0bc6535e4c89124beee5c8_JaffaCakes118
Size

846KB
MD5

cdedf79a0a0bc6535e4c89124beee5c8
SHA1

56e07564f400dbcb7766a505b170ccc0d7e98a23
SHA256

be9229b4f9e3e523ff9562fcbb16a68b3707e6bd8192813352506471583eb6c0
SHA512

5caaee5faf0ab875803cda11b6c6a36cd69ff8c569ac1a8499b4504db67daaf05f1881d2d643935f2b0510fc79a60169b148022b67e0b2bdf9615067ae33d05f
SSDEEP

24576:i9wmFAvjfb7hxLjIL4ZXlWrR0RxQKboH:iwN7Hh9jIL4xlWi/v0H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cdedf79a0a0bc6535e4c89124beee5c8_JaffaCakes118

Files

cdedf79a0a0bc6535e4c89124beee5c8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Administrator\Desktop\Client\Temp\KqjeTdHQrA\src\obj\x86\Debug\ThreadPoolWaitCallba.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 639KB - Virtual size: 638KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 206KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ