5bfd1a5c119bd8ea918924a39b1ef4b8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5bfd1a5c119bd8ea918924a39b1ef4b8_JaffaCakes118
Size

182KB
MD5

5bfd1a5c119bd8ea918924a39b1ef4b8
SHA1

32381a94987267a5c491576aac713e1e699c3215
SHA256

d0f7cdc1bc191686089931cc307aa28a8ee47994b8a4a8cac87e34bd9f46ba55
SHA512

0ecf62d0c78d671205a0eb476599b489776400957943b50b1a7ebb9db7bdb66ccf3d8666f96b9b0dd05a0987c3d81309ac9fdefcc2d5eff271c27197d412cb5d
SSDEEP

3072:eGh9DcB/AONyqDu3pVOlR4CMVFYnW58PjXQYMHugqxjds5I2B/SAE+:eV/AONV6wTsuzjMDqUC2BKF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5bfd1a5c119bd8ea918924a39b1ef4b8_JaffaCakes118

Files

5bfd1a5c119bd8ea918924a39b1ef4b8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Spyman\Desktop\thankface2.pdb

Imports

mscoree

_CorExeMain

Sections

.rsrc
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 131KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ