a2ac490fe56c2e458d4d3c724daf1f0e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a2ac490fe56c2e458d4d3c724daf1f0e_JaffaCakes118
Size

180KB
MD5

a2ac490fe56c2e458d4d3c724daf1f0e
SHA1

2a972b135a5729c2b0446327674a9473d56f4950
SHA256

333fe4b596e4becc15486e4c0e2f12bc1d33b9ad394291f35656a5710e82ead7
SHA512

d65e65ece7a76f78b0c18aed1b170d219bb39d33e7bf443571370d1c9cb45718ef52c823f7c2228ad1c26bbe5fb0ac00109fe33a55324dcdb2b8832abb714d21
SSDEEP

3072:HM/DFaH4hV2zkuuuuWT7WGdto5Ed44duI+MH6dYlq7969MZLW8nzYnSG:CvhVA7WQwEdOI+Mad3w9g4S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a2ac490fe56c2e458d4d3c724daf1f0e_JaffaCakes118

Files

a2ac490fe56c2e458d4d3c724daf1f0e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Templates\Ð5Qæªo9E.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 160KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 4KB - Virtual size: 135B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ