65a89899daa196774af9232c1a5a4aba_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

65a89899daa196774af9232c1a5a4aba_JaffaCakes118
Size

860KB
MD5

65a89899daa196774af9232c1a5a4aba
SHA1

e0373dd0c70940eaea878425b14ad99fc8f4b66c
SHA256

927320ca23e55bfb48991e0dfeaa6e636c8aa5f285f4684e98647712b5629cc0
SHA512

99f73a544a454fd749adee8738fbc4615ac2e795474d4a68df3f2d4fc5bfb8cbe0d57e013da371231173bdb196f6a8281a1b4d1cd4f7f900dda3004d944f20cb
SSDEEP

12288:8H4JmsSwRV5g+QuatCFenU+KV/j3TX54fX/H4SbZnZWENw0JgE9b5NJycGV:8HNsTVu+Quf+4fp4fr1ZWENw0fxT4X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
65a89899daa196774af9232c1a5a4aba_JaffaCakes118

Files

65a89899daa196774af9232c1a5a4aba_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\user\AppData\Local\Temp\4ffpauuq.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 644KB - Virtual size: 640KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 4KB - Virtual size: 98B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 204KB - Virtual size: 201KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ