c9fa29e6e303450e5c9890518d27ebfa_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c9fa29e6e303450e5c9890518d27ebfa_JaffaCakes118
Size

548KB
MD5

c9fa29e6e303450e5c9890518d27ebfa
SHA1

314d358046143e4d4dd88e3d7dc0db9e9b999947
SHA256

be91eb148b36528adb2b49362c50a099cf0cfbf5f1d5bd18ce88751b3c779ae6
SHA512

a634a6657ae92b28cbb6896c92cdaa5be866f12d5106523bb8363e290dbebfea0381cf08d1f7ec93a1d127ba551b2e80170383fee5f2a57bd3030e3da1aaedca
SSDEEP

12288:z1P4rnksslb9WqPs08Eeo+3zKUO/+8c7eRgSB:xPAraIqknEmD8/+81tB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c9fa29e6e303450e5c9890518d27ebfa_JaffaCakes118

Files

c9fa29e6e303450e5c9890518d27ebfa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 546KB - Virtual size: 545KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ