9640ebb78a29204fcdfe7f3231bb6cee_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9640ebb78a29204fcdfe7f3231bb6cee_JaffaCakes118
Size

1.9MB
MD5

9640ebb78a29204fcdfe7f3231bb6cee
SHA1

d85d89bbce8cd0d9ff633f83f5b52996ae985310
SHA256

fa0643f4e61aa6aae1ea99d57de3514067f0edee6a21d7e2c3e801740933a9f4
SHA512

85a9e4cb9fe80fa873b4d158beff5b0249160d8b3137bf26f1834bc959ca2e528cfe117b20320433a17f0a20a678c0e45ad175c4a0ffd554079228558560bc8e
SSDEEP

49152:b4yPvV8a32cKPo6/e1w8mpGsY956SJHS47kG2wyh8:b4y1//ObM56ShS47V2Zh8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9640ebb78a29204fcdfe7f3231bb6cee_JaffaCakes118

Files

9640ebb78a29204fcdfe7f3231bb6cee_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

gEPCx *~
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ