87ffc4b2e8ebb389f354cb830a46cad9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

87ffc4b2e8ebb389f354cb830a46cad9_JaffaCakes118
Size

2.9MB
MD5

87ffc4b2e8ebb389f354cb830a46cad9
SHA1

777b4b5a597def21f05af9faf5240e7f8da5a3aa
SHA256

c85120d4a432976f60320e3bcbf98084a9443d1d068073b75ee7735ebdc07f7d
SHA512

4758ad747df9a29768940d99d1828bcbb0a12f45bf93731320ff4af3cd6cea74e30b48ecd9f91f73e5c7d3003ba61c590140626a8017b0378f9774ce6bfec6a7
SSDEEP

49152:PlZFUgy6kcZwzMgmjjTySlH4eBjMxXRhCs16:PdkXc+zXmOaH4eZMxP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
87ffc4b2e8ebb389f354cb830a46cad9_JaffaCakes118

Files

87ffc4b2e8ebb389f354cb830a46cad9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\projects\FinalInstaller\finalinstaller\FinalInstaller\obj\imali_release\FinalInstaller_dotnet4.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ