6f84b5d61f195173244aa864e20b4494_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6f84b5d61f195173244aa864e20b4494_JaffaCakes118
Size

206KB
MD5

6f84b5d61f195173244aa864e20b4494
SHA1

9e9698fd5c080f97331f26c80fbebb7e58fea6a8
SHA256

2c6e7dbc95391e067589286a810d09b44122e607cebb4afa45dcc765d09b9211
SHA512

24d58670a1652d1d7a0210b9331b3ad7691b397b7bcfdb548d8684b50a4c00a678aaa63192c33abb8961b56601f8c9113845efb686c4ddbbd5b954afe1646ad0
SSDEEP

6144:GYd37CwuyXG2QejTupqsuzV9mp7PbdipbddKlmYkv:GYMwu2G2RTucRBY7PpiHdKu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6f84b5d61f195173244aa864e20b4494_JaffaCakes118

Files

6f84b5d61f195173244aa864e20b4494_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\nosferatus\documents\visual studio 2010\Projects\smss\smss\obj\x86\Release\smss.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 145B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 183KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ