46608e8a7181d5144776ac22cf353ff8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

46608e8a7181d5144776ac22cf353ff8_JaffaCakes118
Size

400KB
MD5

46608e8a7181d5144776ac22cf353ff8
SHA1

51386ba69d6676fe07e73e77b5c33a0ff01e0dd4
SHA256

50437f7f6480d81e06a3ea9cfa3e6efa1595a0da66c62a8c1f473289d1c82584
SHA512

ea9949ad1e3b8866ad4fe10407806b8a68b2b54db57977b100337169ad1ecd59ae4efe3fecc9d63b62ec1ed9e0ebe4c7c21a7d80a3e8af12d933ca365094c98b
SSDEEP

12288:NS2SDOzvvr8I1zGHg+XOv7m5a2aRTiua:QvQr8AzGHNXOTmj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
46608e8a7181d5144776ac22cf353ff8_JaffaCakes118

Files

46608e8a7181d5144776ac22cf353ff8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Itamar\AppData\Local\Temp\ryrddliu.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 288KB - Virtual size: 284KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 4KB - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ