d3222e254e6334f50f5abc766bb12514_JaffaCakes118 | Triage

Sharing

General

Target

d3222e254e6334f50f5abc766bb12514_JaffaCakes118
Size

489KB
MD5

d3222e254e6334f50f5abc766bb12514
SHA1

0bdcd605c4b77eeee912f9ea1d3c025437ba73a1
SHA256

354e0aadf9872237b4ab76f7f3706a0515dfa38a5c8d65a90193144613ea7901
SHA512

e1062b97dd6a52eb1297bb6d6ddd2869f6c83f9abe8c38bf893a8569ae9e9b65967ad2e038ec9df6755154b8b42ce709ff7ed2e11153694238e495115eed6e23
SSDEEP

12288:Kcgo5W5zIFp3ZDCB4q+k9uodiunyJT6YashlM0JT6YashlM:bgwfnzq+Sur9ashlV9ashl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d3222e254e6334f50f5abc766bb12514_JaffaCakes118

Files

d3222e254e6334f50f5abc766bb12514_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 486KB - Virtual size: 485KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ