63ed01a1fc1604963f6cf8c5ba54c071_JaffaCakes118 | Triage

Sharing

General

Target

63ed01a1fc1604963f6cf8c5ba54c071_JaffaCakes118
Size

35KB
MD5

63ed01a1fc1604963f6cf8c5ba54c071
SHA1

012bb43dec2d3e8238df2ee0e683b9cb911ee1f9
SHA256

6bb496439ce30e2d35847f7bcf066c5535890541328372b9d3dda38a6bfe50c8
SHA512

3a0e0f965bc97c35cc57e348ec7f61d0aa3fb10a6a652246b01febacea70b314aca98f074705171a2d0dfc45b984a193a3f27713f3308c9a8dc5dbee2372ec82
SSDEEP

768:+K7XajaJQsxvfD7X0gOCXq3vLhcB2vurFmah564TX4xYcLdeF:nXajaJQifD7X0gD0v6vrFmah564TX4tG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
63ed01a1fc1604963f6cf8c5ba54c071_JaffaCakes118

Files

63ed01a1fc1604963f6cf8c5ba54c071_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Publisher.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ