fb458fa8e1c64c95883c640635771f3a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fb458fa8e1c64c95883c640635771f3a_JaffaCakes118
Size

132KB
MD5

fb458fa8e1c64c95883c640635771f3a
SHA1

11cd2f69045ff58d074057908f8456ce24e348b6
SHA256

0a5b94b6fa1d38c1108e0f5b3dcc1079971d6dabe709a9f8546b7219ef7ba450
SHA512

dbca137a66bd5e7bac8228a54214410f13428ed9ece17e646b680fc69071e1e873c082e8fb90a8394ee26365d1fee50b4172b865bec1fddd369de5fce806b7b2
SSDEEP

3072:Hl3mdxb45870mob5AVLzZ7nL2tS379ZFHRGyLeSVL9ZnqRGhbf:IN4y0tA9VTQS37Vsyt9ZnqEl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb458fa8e1c64c95883c640635771f3a_JaffaCakes118

Files

fb458fa8e1c64c95883c640635771f3a_JaffaCakes118
.exe .wsf windows:4 windows x86 arch:x86 polyglot

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ