bc69e972fc344646b839e484ec6a9898_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bc69e972fc344646b839e484ec6a9898_JaffaCakes118
Size

476KB
MD5

bc69e972fc344646b839e484ec6a9898
SHA1

9a172cdc8dae9197fefc19c134538bcd2518682c
SHA256

74672060ffa6a00ddfcf9ab9212cd977620927404e9ad76f0b4ca999f9eec7a4
SHA512

36ef7f4740beee634bc893165caffbac455f029c8fde1fdbd5bc00ed90048464b7e33ef9aae32033dadcc6436bf5cb2bf4eec52e753c16ee3008d740d2cd360d
SSDEEP

12288:+XpBFT9gF2U7+8j8EyyS3M5bKash/Y1sjki6IUk8zNm:Op1gFj8EXb5b8/Yyl6IUi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc69e972fc344646b839e484ec6a9898_JaffaCakes118

Files

bc69e972fc344646b839e484ec6a9898_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Users\Neckarios\Desktop\Junk\444.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 464KB - Virtual size: 460KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 656B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ