asyncrat | JaffaCakes118_a2e23f944ef5201fcf9d3f4fd042bf5775d353f3734e5f937db994ce7959a499

General

Target

JaffaCakes118_a2e23f944ef5201fcf9d3f4fd042bf5775d353f3734e5f937db994ce7959a499
Size

4.7MB
MD5

51b2b8e3e39542cb1d9fe28897749c4c
SHA1

b8d1fef85db32b2d18720d262b91edc095739836
SHA256

a2e23f944ef5201fcf9d3f4fd042bf5775d353f3734e5f937db994ce7959a499
SHA512

037a6baac883fb5f842a67351426b30381b2b64a3744bb46333d520eb8d013f690a90a8f4865c17849c1c96ef2ac6c907be329cf142a8a66ea8967b4754f3f56
SSDEEP

98304:lBtGZoZWqcq+ew2/W6w6F+75eIE/GuW2OIY+QIWR7n:lrCkWN7e5/VF+AV+8y7n

Score

10^/10

asyncrat

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/c73b1ffa39c5843b2ed951ac48350d1deb33db4057341f1dab1ee64ea1a62248

JaffaCakes118_a2e23f944ef5201fcf9d3f4fd042bf5775d353f3734e5f937db994ce7959a499
.zip
c73b1ffa39c5843b2ed951ac48350d1deb33db4057341f1dab1ee64ea1a62248
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

PDB Paths

C:\Users\28718\Documents\GitHub\DcRat\Binaries\Release\DcRat.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 12.2MB - Virtual size: 12.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ