9494ef1a849e5865b729cb62e0d113e9_JaffaCakes118 | Triage

Sharing

General

Target

9494ef1a849e5865b729cb62e0d113e9_JaffaCakes118
Size

428KB
MD5

9494ef1a849e5865b729cb62e0d113e9
SHA1

324046c742cd7395bc6d61c33378c9749b33dc4a
SHA256

8649b4f628ba8136dcee01abb072bba2120a927a6e03ca5fe83449c8eb78c8b7
SHA512

29208f6f040e1e53e1d60dab431ee894053cf075cd6cdd5e5f8bcad88facf7f3251f631ab2512f79c14d3c68e5659ac6d1f8cfc38f6018e98278496db25d191b
SSDEEP

12288:CUjDgu8N+WJZ8LyKGnNX0N4VNuTOi86x+Cs//OXJTwqcm:CUojNHJZnK2lfMFC/OXJ8q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9494ef1a849e5865b729cb62e0d113e9_JaffaCakes118

Files

9494ef1a849e5865b729cb62e0d113e9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 416KB - Virtual size: 412KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 680B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ