68f307f8fc2e9159d5a65236d8059d9b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

68f307f8fc2e9159d5a65236d8059d9b_JaffaCakes118
Size

2.4MB
MD5

68f307f8fc2e9159d5a65236d8059d9b
SHA1

bf661eec5254baceeb4ab6fd429d4fc71e67bd5f
SHA256

5fa4bd35980699227c47b7811b0ab8377b0218bfba27bbd1d242c49cd441c805
SHA512

b104e013d44263bbf445eefcd87821b0fb8c57be2f62e65b06b06b2cd85d8cc143e3ddaffd7356d0dffa76322073521cd0ad88d63a3824eed8a409ff7cac9514
SSDEEP

49152:3KQq2Yf60vMBdFugrrTQ46V5Bp8PtLaZKjp:3Qh5v8P0od

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
68f307f8fc2e9159d5a65236d8059d9b_JaffaCakes118

Files

68f307f8fc2e9159d5a65236d8059d9b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\bossi\AppData\Roaming\Microsoft\Windows\Templates\ƒÆCk3µ5.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 4KB - Virtual size: 126B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ