ddf4de59bbbcd5013be1dcf4f83e99c4_JaffaCakes118 | Triage

Sharing

General

Target

ddf4de59bbbcd5013be1dcf4f83e99c4_JaffaCakes118
Size

636KB
MD5

ddf4de59bbbcd5013be1dcf4f83e99c4
SHA1

c091d87ee9f79a46eacebf681dbd91182d09b941
SHA256

b61197c699ca9459b9cf8f6e9483939919f97b7a2bd88542e33fd9f3a8b92983
SHA512

1e7081ba933f07efe4ae0e082b299c44b62ae65ba9a8386984d3db5f6bb01827e957b328c2110c8bda4d676458238647dda89c6d0cdcbcbc0311c4445cbb57f0
SSDEEP

12288:0zpZEkh/OZUwFy3M18veFfQYLHc5LnawSMVicLkOfnhdalzGdvabB:7ry3SPQ5moQOppS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ddf4de59bbbcd5013be1dcf4f83e99c4_JaffaCakes118

Files

ddf4de59bbbcd5013be1dcf4f83e99c4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Users\Rhys\Desktop\CryptedKEYLOGGER.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 624KB - Virtual size: 620KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 712B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ