94b87733c688eacc477a274c06047594_JaffaCakes118 | Triage

Sharing

General

Target

94b87733c688eacc477a274c06047594_JaffaCakes118
Size

949KB
MD5

94b87733c688eacc477a274c06047594
SHA1

73d02d5c6714a6c3c7afe628640eca6d035d268d
SHA256

28b714bdd63520294c6e4103bf377a89b2afadad3cdf4ef0c58ccb74b78d02c7
SHA512

32e55a6fdfac93016001b142120c1affb0f9c4abcdb27c8541780a5cff9298f067adfce011e1cf5ac7e89254b86f6d51a3b8a744e3fdbe73df3b750a5414cc17
SSDEEP

12288:AQ58Gd2jEp9VsyS1izvlm2ABNTIuae8d41E:AO1p9VsySWvlPA241

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
94b87733c688eacc477a274c06047594_JaffaCakes118

Files

94b87733c688eacc477a274c06047594_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 675KB - Virtual size: 674KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 273KB - Virtual size: 273KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ