890bdd6449b3eca7d5a8bf99648701f9_JaffaCakes118 | Triage

Sharing

General

Target

890bdd6449b3eca7d5a8bf99648701f9_JaffaCakes118
Size

302KB
MD5

890bdd6449b3eca7d5a8bf99648701f9
SHA1

2212ba73665219cf5846fefb04d9eec2526c1733
SHA256

e41847ac835fed45be7bb6eae972da20395e49d11e55609dfbad8b06c4894b1a
SHA512

51ab499cabeae012aef09754ccf58e11e9f2c56f20d6b69e012d761a5f9982a1576256d15dde1a7c9143cf9f1c21062665a89289f6f86d64118813f2e74ac74a
SSDEEP

6144:fTLQQjxMC3YvVIZFQ8oxPfGL9ixtYHziJ9Lg+bv+oY6N3j3:fTLQQ12VILQHQix7fgpr6Nz3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
890bdd6449b3eca7d5a8bf99648701f9_JaffaCakes118

Files

890bdd6449b3eca7d5a8bf99648701f9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.qgB0
Size: - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.qgB1
Size: 299KB - Virtual size: 299KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 574B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ