dba57216e799d9ea8ced123c8c2d43ff_JaffaCakes118 | Triage

Sharing

General

Target

dba57216e799d9ea8ced123c8c2d43ff_JaffaCakes118
Size

6KB
MD5

dba57216e799d9ea8ced123c8c2d43ff
SHA1

4bc968661cb8a3eb77bf57300dcf15013381b7f9
SHA256

bd15908b692dc5e2cb04e0b732f56445ed390b09c7feeba7a367e9b10053cf22
SHA512

a23cb60bd06cb1e38f01b3cfe0a5fdd91096550c5a3d20100a66b107809ef0dae421d1254f3e1fcfa6f05228af602861fe8e64416e16c827a609b483cccceb77
SSDEEP

48:6nECJZJoN+pN5i0NBl+sajduJudnjP6jZ1mXVw2b/5WgvgGKoFXJlVO692WMsKOW:k8N+z5XkvjP6jZ1+w2bZgG9F50VWzNt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dba57216e799d9ea8ced123c8c2d43ff_JaffaCakes118

Files

dba57216e799d9ea8ced123c8c2d43ff_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Users\Administrator\AppData\Local\Temp\nhNTn.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ