3a358019d5f00d59089b74e94a7c79d1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3a358019d5f00d59089b74e94a7c79d1_JaffaCakes118
Size

1.4MB
MD5

3a358019d5f00d59089b74e94a7c79d1
SHA1

9526c742dee77dd84bd7164c9aec2292ae9dfddb
SHA256

6126e7d7a2700b416f2365414af1dcda627529f1af48331da1c0eecba68f52bd
SHA512

0d08dc9ca1a8735a47e70015da2a3cb3dc8ea39a17c9a8351ac3b16d37b610da4285dad08682e49e893587296107d1e3651b33888220a13929240083adbd17f8
SSDEEP

24576:V+oMH4ZHJxv1EyKfgD3TvCRYWvGRg5pr5zPpro0M0HVMw5c:V+Viv1OfgD3T6TvGRIVrI0t5c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a358019d5f00d59089b74e94a7c79d1_JaffaCakes118

Files

3a358019d5f00d59089b74e94a7c79d1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@.pdb

Imports

mscoree

_CorExeMain

Sections

.
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.
Size: 464KB - Virtual size: 461KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ