61eabb5f86336fe941185bf0a37a8472_JaffaCakes118 | Triage

Sharing

General

Target

61eabb5f86336fe941185bf0a37a8472_JaffaCakes118
Size

538KB
MD5

61eabb5f86336fe941185bf0a37a8472
SHA1

c733162ee7b9c8622d06258f676c846e99689199
SHA256

5bfd4a2a53142c78b5ad8eb5ca2f14bb28fa648b2ce1d2169d837346f2673004
SHA512

b2d458c865ada84666405636c40a70724d433d1bc9bcdfc830ff9b9b05c1ee08cafd2bbb2e59cd8820c0c247bee2dec432493e6aade925c30ea00a6f9b33efdd
SSDEEP

12288:oghbus5MJCyVyV4mqcS0KRBY+gSwQUuuGsTvZv/cDTX:HFu5V7tcUShSl1uGCZv/c/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
61eabb5f86336fe941185bf0a37a8472_JaffaCakes118

Files

61eabb5f86336fe941185bf0a37a8472_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 368KB - Virtual size: 368KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ