JaffaCakes118_6f9657a69e2efd42ae0357b15bd8b4ed82abea6c080d27a2e4104db1abbcc61c

General

Target

JaffaCakes118_6f9657a69e2efd42ae0357b15bd8b4ed82abea6c080d27a2e4104db1abbcc61c
Size

431KB
MD5

3dbfebdf1a9bb3dd6034e8d2781e0a0e
SHA1

e99211a5f1646b22458e23dc991043077a281f39
SHA256

6f9657a69e2efd42ae0357b15bd8b4ed82abea6c080d27a2e4104db1abbcc61c
SHA512

05fb783db4d2cc64c29be7729d356c0ddfb4341f859ac5be0269043b0831e2974008fd1bc52d4764619c28c3d08d225d13b47e62e1dd885c6c87fb2035014417
SSDEEP

12288:/2Bzc0szifJfm9N7ew4vMHhOsqb3O3W505Ct:n+fJ8JkuhOr7OmRt

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/89b0625b0fcefeedb72f401a1ae9fba4f0b11f1f78c4b64b468a4e14177da79e

JaffaCakes118_6f9657a69e2efd42ae0357b15bd8b4ed82abea6c080d27a2e4104db1abbcc61c
.zip

Password: infected
89b0625b0fcefeedb72f401a1ae9fba4f0b11f1f78c4b64b468a4e14177da79e
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Administrator\Desktop\Client\Temp\XYoNjaOreK\src\obj\x86\Debug\MvAG4.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 523KB - Virtual size: 522KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ