JaffaCakes118_09fdbd509562d4471f5dfdd846ce52b1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

JaffaCakes118_09fdbd509562d4471f5dfdd846ce52b1
Size

116KB
MD5

09fdbd509562d4471f5dfdd846ce52b1
SHA1

d6769b8a44d5ee391e35dfa8d9d64013fa4be1fa
SHA256

53cd7a4bb97406de77324241f745145da9093b63874a9ece5d890bf6d5d17235
SHA512

891032ccf49fe6d8d640fa58651af79c24becdd0f0b6a4ad73a4cb1adddba60a651bc4603c30752dc98ce18dab62ed86330d54ff58f8a6a4eec4214d62211377
SSDEEP

3072:JiN0hRfrzKka3PWhWTZeBD4qc/+eHkdSiykH9OfM/y9SBje7fDYKs6:r1UM/gKjevY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_09fdbd509562d4471f5dfdd846ce52b1

Files

JaffaCakes118_09fdbd509562d4471f5dfdd846ce52b1
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\3VMI\Desktop\RAT\WindowsApplication4\obj\x86\Release\WindowsApplication4.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 138B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ