a7ef2884c1d6aa02bbca1e48801c7e86_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a7ef2884c1d6aa02bbca1e48801c7e86_JaffaCakes118
Size

329KB
MD5

a7ef2884c1d6aa02bbca1e48801c7e86
SHA1

972b990c330cdc069a6ca1185efcc0807631ac62
SHA256

cfd049b1f34f222e05af54130f08a77b4d6a2f3d82e1f1687462956f60c86488
SHA512

97c8f0f9d5625c7dce9951a7c4528493185934f2a4e28b82c827a1d6247412545e2e0e87579ac10cfca4cd6ce92e610024fbc0519485c513f4c988b2a4383f26
SSDEEP

6144:PvNScXO1+qLyZaR+dvcMmPSKH05Y3HBNOMdqp8F4GuywlO:tScX4+qYvcMl40Np8F+y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a7ef2884c1d6aa02bbca1e48801c7e86_JaffaCakes118

Files

a7ef2884c1d6aa02bbca1e48801c7e86_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Source\slo.proxure.com\Projects\ClubSandisk\Client\Updater\obj\Release\Updater.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 311KB - Virtual size: 311KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE