32a10699a34e1eb1f33fdd49ead4bdfc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

32a10699a34e1eb1f33fdd49ead4bdfc_JaffaCakes118
Size

156KB
MD5

32a10699a34e1eb1f33fdd49ead4bdfc
SHA1

03c48fee631cb921320d7cf7deac21f14275d3d0
SHA256

48ea6b3d3a015cd87a31eaada886b8d99d62d550af4bf8e8263273c3395bff50
SHA512

f2caf1415987fda6821aa162ae53a6a23a14e833c1f5dcca0aef6ea6875bb08a38fce1a97f96b3071c7e1fc13e9619fdb2eab84d3fd5c51d9f8a7bd01c4110ae
SSDEEP

1536:xakaBQO/lNQ44oHhBk+4EtzUMnftkKKdNz:bUP/lNQ448hBH4YRt4dNz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
32a10699a34e1eb1f33fdd49ead4bdfc_JaffaCakes118

Files

32a10699a34e1eb1f33fdd49ead4bdfc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Flame X.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ