b3b5680ff30f9e63031192aeeb7f6493_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b3b5680ff30f9e63031192aeeb7f6493_JaffaCakes118
Size

385KB
MD5

b3b5680ff30f9e63031192aeeb7f6493
SHA1

3448afaf3861a2035a3046d99ebedcf7d129392f
SHA256

7d5082404240dd5a73cd199238da9c567f8bbdf1b7675788d1bd3e0838df9a30
SHA512

870ba5bcf7a5fb955d698b4f09b1d3dec845de10226d6088b889076c26a51d62b20e05747103a414fae9d6aa586be325aeca67161d20a6187e30796408ea97cd
SSDEEP

12288:5BlxoZ8p34iulEjDJzx+NEnczpI+kkBKVMau8y:PoZ8f5+gcW+kew9y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b3b5680ff30f9e63031192aeeb7f6493_JaffaCakes118

Files

b3b5680ff30f9e63031192aeeb7f6493_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ