07e1cdae1fe659073ab973ccaa0f6cfa_JaffaCakes118 | Triage

Sharing

General

Target

07e1cdae1fe659073ab973ccaa0f6cfa_JaffaCakes118
Size

900KB
MD5

07e1cdae1fe659073ab973ccaa0f6cfa
SHA1

ef35c83fb52da9613da55bab5be341a3cd17cb77
SHA256

fccc80de0fc9ba246902bbec6c5189c7d14aa7617b203bb7b1ca58ac25dbb0e8
SHA512

7e029bf1b3cf5c048af80f8576a03d0dff1402c50b1d2fff7b3267275dfe3310e8f83fce68731431d0d65ba1e4c538503ccc11e43478ca276119a584137383f7
SSDEEP

24576:ZLy+fKU/f9MToBsDnhYkrChHbjs/SDfk:ZyIKtoBHbFk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07e1cdae1fe659073ab973ccaa0f6cfa_JaffaCakes118

Files

07e1cdae1fe659073ab973ccaa0f6cfa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Dom\AppData\Local\Temp\hedc31hv.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 788KB - Virtual size: 786KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 4KB - Virtual size: 97B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ