620af7b60cd12d45630c8d254c158139_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

620af7b60cd12d45630c8d254c158139_JaffaCakes118
Size

704KB
MD5

620af7b60cd12d45630c8d254c158139
SHA1

e8376adb5c5824c48cb73a0205ff567232e813eb
SHA256

ead0fc8e813f6db3cf84cee547be2f6f1c9f03b606421c736f11c062937c3dc9
SHA512

9d5d7e44a4066dec8b0795310720a5da432e1b8582eb9a9e79a60889540effd4cff3a4d2781237aee71515b580b86f163de51960f49b78c3e5f8867c4728800b
SSDEEP

12288:M7pgQNvpFBNpQQqiR7RD3rvPFz/drQtQl2G+ot9PlHY6hRxuU00:M3NvVNqXiRRrHrB2GLl1M3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
620af7b60cd12d45630c8d254c158139_JaffaCakes118

Files

620af7b60cd12d45630c8d254c158139_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\anonymous\AppData\Local\Temp\xwt2tyzk.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 688KB - Virtual size: 687KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 4KB - Virtual size: 103B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 680B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ