39d0db6e95e2a7e23fcd637085f8496d_JaffaCakes118 | Triage

Sharing

General

Target

39d0db6e95e2a7e23fcd637085f8496d_JaffaCakes118
Size

1.8MB
MD5

39d0db6e95e2a7e23fcd637085f8496d
SHA1

5293d9124ca789c27c77ee9f2a27dbdbd5a619f2
SHA256

070ad3ab33bffaf96b8638b302117cde7f4f417759b00f8497b1a1c076844575
SHA512

f07ebd353dc6a0e87481d6a5e3abe9beaf7ed337eae4acdda7074aa84ef09dfe30835f9ccf764584676453fdaa17fe96f077815ad01c885f08e786eacd2a3f3f
SSDEEP

12288:5WyG8PdU1cWK84twtShjMXoT8hke1X3v7F:3G8POL4twIhw4T8hke1HR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
39d0db6e95e2a7e23fcd637085f8496d_JaffaCakes118

Files

39d0db6e95e2a7e23fcd637085f8496d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\xampp\htdocs\crypting\7JFv4mCxqdck0g0B\bX8AMgaZ9Gd199Rp.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 394KB - Virtual size: 394KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 193KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ