e1c569b3c207a8cdb7d87a9343cf436e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e1c569b3c207a8cdb7d87a9343cf436e_JaffaCakes118
Size

1010KB
MD5

e1c569b3c207a8cdb7d87a9343cf436e
SHA1

b092fdb027cdf05899a1f4d8ebfd45beeb9f7eb6
SHA256

936e43c9d25645f9f9431ad90f8e8cbc0eb9edb75984ca2338811f13c7604b32
SHA512

d87a81693846fbae3e7bd2aab4d6ca863d6850795ff6b80be7dd0f82afc24129814f4c146d3011ecd3ed0c1d36b19d551642569ad61faa845c06f7348192f5c4
SSDEEP

24576:oc+lPY8XAqmT8x7XdCGSo7n2xlM9ZyCmyVmMB:ovn1d3So72nMbzD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e1c569b3c207a8cdb7d87a9343cf436e_JaffaCakes118

Files

e1c569b3c207a8cdb7d87a9343cf436e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\_Bld\10657\7994\Sources\obj\Win32\Release\EvaluationContainer.NetFX45.csproj\Microsoft.Mashup.Container.NetFX45.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ