b9023c34e1e17a8494990b6dc35afb73_JaffaCakes118 | Triage

Sharing

General

Target

b9023c34e1e17a8494990b6dc35afb73_JaffaCakes118
Size

913KB
MD5

b9023c34e1e17a8494990b6dc35afb73
SHA1

681708863a6775a9d7fd01b6309491eac0c2a3f0
SHA256

e5c9691f51404bd8f320749285c4bcf595fbed53931af1424551fb5f5b9c594f
SHA512

c19c6f1256b0ce80f920826c99466f45a0dc878d7672cea3a1e148fda826ba949b42980d22d5fdd3f93ce8dc3abf75adb27ebd7e20ca79d812c69819c0d40b6b
SSDEEP

12288:IMfTlrtv2zv1gv7j2YJ3ulWEP32hzrDla1a1v/zumVDqJKStGiKgGFOB8MG/9Gi7:zrk2DjLOmh3xV/LVmrvK7OB8MiGWic

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
b9023c34e1e17a8494990b6dc35afb73_JaffaCakes118

Files

b9023c34e1e17a8494990b6dc35afb73_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 910KB - Virtual size: 910KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ