Extracted

• JaffaCakes118_cafcddcd0637d5a1bfaea8e9c6b05165

  .exe windows:4 windows x86 arch:x86

  f34d5f2d4577ed6d9ceec516c1f5a744

  
  

  Code Sign

  4e:e6:a1:b2:21:74:58:9a:43:68:65:7d:c3:8b:e1:d4

  Certificate

  Issuer

  CN=Perdured,O=Gravlax Normals Inc.,C=IE,1.2.840.113549.1.9.1=#0c1b6b65726e656c6c6564706f7374706f736540676d61696c2e636f6d

  Not Before

  15-10-2021 21:00

  Not After

  22-10-2031 21:00

  Subject

  CN=Perdured,O=Gravlax Normals Inc.,C=IE,1.2.840.113549.1.9.1=#0c1b6b65726e656c6c6564706f7374706f736540676d61696c2e636f6d

  21:26:87:2c:6c:64:32:f3:ee:4c:27:0d:81:c6:c1:ed:08:83:84:cd

  Signer

  Actual PE Digest

  21:26:87:2c:6c:64:32:f3:ee:4c:27:0d:81:c6:c1:ed:08:83:84:cd

  Digest Algorithm

  sha1

  PE Digest Matches

  true

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_NO_SEH

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  mscoree

  _CorExeMain

  Sections

  .text

  Size: 98KB - Virtual size: 97KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 2KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 1024B - Virtual size: 12B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ