b19b489445b065502fb6bc0008ede7b5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b19b489445b065502fb6bc0008ede7b5_JaffaCakes118
Size

168KB
MD5

b19b489445b065502fb6bc0008ede7b5
SHA1

5a495f2f5de6eb13414a355411242c9c53c098e8
SHA256

13d7b05051880c78d826f486c54ce2155cfddc90f57a09a7790e03486a2cb5f9
SHA512

b5278f65a9bbc3cdcd6872c411ae0e01aad316021fd35c499e3d6d0a556d6b688983f3f5baf7d5c03c907ef366d773a299717f4135628656dedbe25777d1622e
SSDEEP

3072:QqMVpeVYmxcTyBjhcyHfO34Aa5gS53K2yUdPZSo+SDqnN:deqPJjhF/co5pNB9ND

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b19b489445b065502fb6bc0008ede7b5_JaffaCakes118

Files

b19b489445b065502fb6bc0008ede7b5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 152KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ