ab35a43c15632bb0f8bb4e1c7010823f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ab35a43c15632bb0f8bb4e1c7010823f_JaffaCakes118
Size

768KB
MD5

ab35a43c15632bb0f8bb4e1c7010823f
SHA1

611d52a668f813c232ad6cb8a1ddc4d55ae814a2
SHA256

9f20aff8c1dd912d255dd9b0fc7b0dc0255290d69ba0091c4b2867d4b5bdef41
SHA512

f81064b4026f8234563c311d3fab2f9a3007de800eaa3ebcc1a5c74632f09bdb52b6a3bcbed2c6503dd0e748ee03ff0cbceeecffd48e35a9c66a292c0c41baeb
SSDEEP

6144:diPoqwxFxs8oDZwCZjUzGo7wXEKgkdhAFYIRGWzD89oD9TT667Xq:L5xFxsPdwCCzGo7EEZkdSR89oAw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab35a43c15632bb0f8bb4e1c7010823f_JaffaCakes118

Files

ab35a43c15632bb0f8bb4e1c7010823f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\visalperera\AppData\Local\Temp\Done.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 238KB - Virtual size: 238KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 528KB - Virtual size: 528KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ