e9062daf11d8e830593e60a188ca885b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e9062daf11d8e830593e60a188ca885b_JaffaCakes118
Size

4.7MB
MD5

e9062daf11d8e830593e60a188ca885b
SHA1

fe4aebfef2024c01d673c67210e3f80959802355
SHA256

a75c3978915cfd229742cb41edf399896c5c93d8c0ab2e10187362553c321623
SHA512

fdf3fdf2ad98d0282bfe5e3db9df613b835b6bba970c79ac8bd85ed328fdabfaa4ffaf96e693f32602ff8f133ab90ce067f940241fac738a190237c4f3d0fbe6
SSDEEP

98304:ECbTzsIB6PLw1H+KeRTkJnr26P6XZKyJn5Z05x+tT:tTzsNwR+lWnCDJdnZ0/M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e9062daf11d8e830593e60a188ca885b_JaffaCakes118

Files

e9062daf11d8e830593e60a188ca885b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 4.7MB - Virtual size: 4.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ