d274625d224a13991dbff87d7e93b829_JaffaCakes118 | Triage

Sharing

General

Target

d274625d224a13991dbff87d7e93b829_JaffaCakes118
Size

351KB
MD5

d274625d224a13991dbff87d7e93b829
SHA1

592ab189c768038c03eb5a1a733dd845d47d640e
SHA256

e4d954d60de4d6466e3644df9dc081845db8fbaa9a34956e07c69f7da437a5e2
SHA512

6a2fadb56fb7e04f87516f2c726d0e4a052475e220a54c0361a2d9d48b136eade91488ab0072f8542fbf92ebee011dda928b3e4e0caf8838b7111a87903b2cdc
SSDEEP

6144:A2DvhLO8lNPaIplw4yAc5BmcB0jlzc72qWEdQBtMHGj7tRrA:VvQ8PvwRAc5BRSmi1E6Btg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d274625d224a13991dbff87d7e93b829_JaffaCakes118

Files

d274625d224a13991dbff87d7e93b829_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Windows7\AppData\Local\Temporary Projects\jampy\obj\Release\jampy.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 301KB - Virtual size: 301KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ