6d376f79e076fe8e311efac7bbc5499a_JaffaCakes118 | Triage

Sharing

General

Target

6d376f79e076fe8e311efac7bbc5499a_JaffaCakes118
Size

410KB
MD5

6d376f79e076fe8e311efac7bbc5499a
SHA1

2193c942e7d02b4627aa0802fb0107dba9b0068f
SHA256

1bd1c6bae8d74df3a44a814fa9f81f1988334317602c2d5f6d468617a14817ed
SHA512

c122aee705ae255855eacf61043969990e33fdeb7188356432e67bea2b1b983c485dd3b4a426bded895d4837785687242a5a3c242e2a45fe31abe05accfbd937
SSDEEP

12288:z4/ucsCfrLEnFHncFQhNe0GM1s65FHbLiSvU6Oui4am3YaCYmO2VdjVTfPKkD0Qs:z4/uY4nlcWNe0KOg2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
6d376f79e076fe8e311efac7bbc5499a_JaffaCakes118

Files

6d376f79e076fe8e311efac7bbc5499a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\xampp\htdocs\Aspire\files\johnclark12_ttNLFfyJYJNWsxmE\ttNLFfyJYJNWsxmEma.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 342KB - Virtual size: 342KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ