3fe7d81139bd40361330a07f47bb99e1_JaffaCakes118 | Triage

Sharing

General

Target

3fe7d81139bd40361330a07f47bb99e1_JaffaCakes118
Size

881KB
MD5

3fe7d81139bd40361330a07f47bb99e1
SHA1

391bc516fe8e1feae96fb3c7c31bcccec4fa20e6
SHA256

4945a1a4f65271de23a99eaad0b4a08b472b2dcb60a60a5b06f26afad49da181
SHA512

f22e4e2fa6be336cd26fb46f9b7d9cc656670f6c8abf5283e1cd35e718a95a53145937adc70036fc7cf850234c9090b05a190bafd9ae2ad20d9bf8441103f63e
SSDEEP

24576:nLCwk7wqvxM/lttDB2jLRE2x5yY5oCCea:wxMrDkLRn5t58j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
3fe7d81139bd40361330a07f47bb99e1_JaffaCakes118

Files

3fe7d81139bd40361330a07f47bb99e1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Administrator\Desktop\Client\Temp\WFRXPvrzbn\src\obj\Debug\rZbSPrKPIR.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 879KB - Virtual size: 878KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ