dd7950d693aa3c3d1bac162fbc706db8_JaffaCakes118 | Triage

Sharing

General

Target

dd7950d693aa3c3d1bac162fbc706db8_JaffaCakes118
Size

25KB
MD5

dd7950d693aa3c3d1bac162fbc706db8
SHA1

19fefa34076c05a5039b3dda98ba73c4a232da8c
SHA256

b673bb347994c307b329f97a9f186607f6d6f3f7d344ee1eb5a42f5331056ca7
SHA512

0d40ea9b171d7649464b12ae3100f59848b83a405e9968a60eba7320006cf9b7672bbd74ca3bb22af3678368558ae8d631a1e283d743d93b03a7cdefcc7120a8
SSDEEP

768:svpa/08EHb9txhTJ2jKpJf5c+8eSGJX7Dcpp:QKeHbTfd2jEJhcFbGhDcv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dd7950d693aa3c3d1bac162fbc706db8_JaffaCakes118

Files

dd7950d693aa3c3d1bac162fbc706db8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ