fae379297c0c4cdfca482f7db7678faa_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fae379297c0c4cdfca482f7db7678faa_JaffaCakes118
Size

371KB
MD5

fae379297c0c4cdfca482f7db7678faa
SHA1

174089dc135fb3f9dbeefa277d3ea08273e9bcdb
SHA256

a6f4d26561086820019495a72e9048c44630d6d80390cc2d61feb072701496b1
SHA512

2012b4f08779b5d0396701d41f1d327ef5d33dd007af1ee5b074c7bd90a7ad8a8592ea95f85a1ceceb6242d8a8e7c80bd3c59be164b216b94f727166a7a1de08
SSDEEP

192:nS4LmA1WWWg6K1wqQTdqW2qF9k/rRPPww/nuioD/j8KwFOUEAV9+8VdYFHBBBBUF:VmqWWWGDAbkTVESZqKMiOrfHvW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fae379297c0c4cdfca482f7db7678faa_JaffaCakes118

Files

fae379297c0c4cdfca482f7db7678faa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

E:\Project_VS_C++\ConsoleApp2\ConsoleApp2\obj\Release\Microsoft Outlook Communications.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 363KB - Virtual size: 363KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ