875f7380fc8e6b1c3b848ba395f82aa7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

875f7380fc8e6b1c3b848ba395f82aa7_JaffaCakes118
Size

406KB
MD5

875f7380fc8e6b1c3b848ba395f82aa7
SHA1

fda75805d9c9997e726b9a7fcfed302f1193e68a
SHA256

970ebd590c99c9ab2720f494edc69d5a2b5e63f035ffc1882e64ac66855439d0
SHA512

b6cb614113c7ddbcbfd6c9019032869193c872cb2a29562ffedeb3c6dec35ca5d9a19a2332d944b6ffec39bb8a373244e798701242508c38e688cd74c34e53fb
SSDEEP

12288:x/XfZxV68eJx5tMFMeClk6UsjzHBK67S3:pPZxJGKMfkbsk67S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
875f7380fc8e6b1c3b848ba395f82aa7_JaffaCakes118

Files

875f7380fc8e6b1c3b848ba395f82aa7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 404KB - Virtual size: 403KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ