d5481b1558c02cc5b27eea52074e0d08_JaffaCakes118 | Triage

Sharing

General

Target

d5481b1558c02cc5b27eea52074e0d08_JaffaCakes118
Size

58KB
MD5

d5481b1558c02cc5b27eea52074e0d08
SHA1

a1eff2bf50c1323a8beb7b0e60f39e14a81b224d
SHA256

f54dd71bb0feb30a19123b93cc9ce60b3d6e603b9b5967c472b8cc35d9618c12
SHA512

4aa8cb795cc3d3fce1905ef7e3ea6f497e9c5be9e4fce188aa385b31b003ae1f403cf84bd14385f86149f47551b68ef2668b322bd39197b978fe60df6b3828ec
SSDEEP

1536:kk/MJnS3kgqrYMLDdAg7w9fQ65aXPrB72nkW:/kJnS0gQX5J7w9fjafrBykW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
d5481b1558c02cc5b27eea52074e0d08_JaffaCakes118

Files

d5481b1558c02cc5b27eea52074e0d08_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ