000bb339dba05ea8f454258721dded35_JaffaCakes118 | Triage

Sharing

General

Target

000bb339dba05ea8f454258721dded35_JaffaCakes118
Size

679KB
MD5

000bb339dba05ea8f454258721dded35
SHA1

2ca26c715dd45887a5c3fd0ccf6883972ed2af94
SHA256

d4391a7a1eff8f02ebd49ae4a61050b825eed773d3cb5a8bdf5603daa1e77657
SHA512

e3076454e0ce0a2c7f5289e98110dd3a8aec3b993eb34be90ea023b855ac05fb61bc54a14e388cea75020a828b75666f091642894b6a8a0e9989453f4e9956ae
SSDEEP

6144:mGE+NRU+ueOwjsBjZ6ch0rWNOf1lxjO14VVAGy5O/B/ZF4:mGEkR0eO3HKS1Qi5ObF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
000bb339dba05ea8f454258721dded35_JaffaCakes118

Files

000bb339dba05ea8f454258721dded35_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.ou&CK
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 252KB - Virtual size: 252KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 363KB - Virtual size: 363KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ