76f2908839a8cb236819193c952aaa13_JaffaCakes118 | Triage

Sharing

General

Target

76f2908839a8cb236819193c952aaa13_JaffaCakes118
Size

615KB
MD5

76f2908839a8cb236819193c952aaa13
SHA1

28b6c936d6e245c726239aa950004d9077f8198f
SHA256

13c9d681432c3a57f8de0d295a1bf36c5a72587339bbb629e9467697d75c5634
SHA512

f49504f4927c1ee2ed36367fcca343f3ee99d96bf2d04cf57814051a440e8e554e665988931bde03fd37f6715cd92029f1ed75968c7b0348c16f4eb5ed5daa11
SSDEEP

1536:/qFOkRWgN4LPsfi8LEpc+GlbFvY0KUDeCiAM9VTow8Qxg9z:ChWRhTp9G7mUDLiAM9VTow8Q6V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
76f2908839a8cb236819193c952aaa13_JaffaCakes118

Files

76f2908839a8cb236819193c952aaa13_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 611KB - Virtual size: 611KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ