ce60dc5e83180830a633c4d71687e990_JaffaCakes118 | Triage

Sharing

General

Target

ce60dc5e83180830a633c4d71687e990_JaffaCakes118
Size

417KB
MD5

ce60dc5e83180830a633c4d71687e990
SHA1

554a4dc23c50c3946dd0f6395396d374be99be2a
SHA256

cf3c9138f667090b986ee23d9bf20fbdcc16f30f5e4bcab827c0de34ebb40850
SHA512

4cb42d97ba2b1736ad90626e0418c940d682e165c947af4ffe35bb581e98f5e06ab9f06820fbea75f95044d10d1ea819fb220295e3d1ac90f08e02c71373c296
SSDEEP

6144:HKuiL5ZWpdT/31IHssvWr+9wR18gQNxpyPg5UlCUlsUldUl:quuad1rvD8Tcz5E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ce60dc5e83180830a633c4d71687e990_JaffaCakes118

Files

ce60dc5e83180830a633c4d71687e990_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

DiscordChecker.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 405KB - Virtual size: 404KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ