745f16f5661fd2f24b24930f43b78534_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

745f16f5661fd2f24b24930f43b78534_JaffaCakes118
Size

512KB
MD5

745f16f5661fd2f24b24930f43b78534
SHA1

9994eb1a3dc9401f2ff4bf3ecbc00e53aacb6d2b
SHA256

bbda3e34ee2a1f94dfa4ab68fb5b8ca182c5a1d17aefd8f960454e456bd0396d
SHA512

e1f2ab91045480f06a3de5098e05d0fff5a8c3fbb19abf5ba0a8270b8ecd009cdbb6755c2989cf46fe87fa605eac73b73e1c9e021a24a91a5ef9979399225c16
SSDEEP

12288:CoOs5NHDIVu0/fKyFCC1RAzNX/5DNjxocIS:Codfj62uCcgzkc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
745f16f5661fd2f24b24930f43b78534_JaffaCakes118

Files

745f16f5661fd2f24b24930f43b78534_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\umut\AppData\Local\Temp\gqfrvkfv.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 4KB - Virtual size: 98B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 476KB - Virtual size: 475KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ