JaffaCakes118_4668453d0a5a11997010b4d6650209152cba73ef6e0c02c528f5260aef205a5f

General

Target

JaffaCakes118_4668453d0a5a11997010b4d6650209152cba73ef6e0c02c528f5260aef205a5f
Size

1.1MB
MD5

04f52423443a6cc01329df2a3367f482
SHA1

b8c209ad0827132d656325f695f5d39f72f6dfe5
SHA256

4668453d0a5a11997010b4d6650209152cba73ef6e0c02c528f5260aef205a5f
SHA512

9387629bc2ad8afc86d898b18b761bc7e0d04603c8eb0d621db680d637f46e8c4d4d640ff39d8d8e7f3b4116c3162694625d2d51c8b4350fd4c37d6612bc54dd
SSDEEP

24576:3rjhJhRdZYBSRfcR+4OZL5swTSlPQKoxO+l8rICYYkyO:7VZ+R+4OjhTSlPQx83TYTyO

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack003/YBCNP6X9PSJDXqv.exe

JaffaCakes118_4668453d0a5a11997010b4d6650209152cba73ef6e0c02c528f5260aef205a5f
.zip

Password: infected
6d68d30add4143d9ba667d1928d21aa5
.lz
6d68d30add4143d9ba667d1928d21aa5.out
.tar
YBCNP6X9PSJDXqv.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Administrator\Desktop\Client\Temp\QZhcSFRAfC\src\obj\Debug\ISymbolMeth.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ