eba2a39642c4b7ce44b43e04056633e8_JaffaCakes118 | Triage

Sharing

General

Target

eba2a39642c4b7ce44b43e04056633e8_JaffaCakes118
Size

603KB
MD5

eba2a39642c4b7ce44b43e04056633e8
SHA1

92b51c16963653de5e680643fee0e649f4d61ce1
SHA256

dfbddd593573d22f463ddb6d75e59aa37dae2b7c130d81fb7a79c57457d7cab8
SHA512

c4be4a541cfa74bf386289772e6c93ab38ea1429e55353ad52edc1a04ef21e6420a74207e2cc22c168463bf2e23ab27e163689d91ccc51fab36435994e5594dd
SSDEEP

6144:G2DSTd3jw73/t0oBgpXZNa8TJ0ZIvY5OyHpBvyghefeVUTVokQyZGVbQlRxi/7ka:gdO3/XMPT05OyHpBvygTUxiyhoRkz5a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
eba2a39642c4b7ce44b43e04056633e8_JaffaCakes118

Files

eba2a39642c4b7ce44b43e04056633e8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 601KB - Virtual size: 600KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ