df7e15b368472a483403a8dafcfbd50f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

df7e15b368472a483403a8dafcfbd50f_JaffaCakes118
Size

532KB
MD5

df7e15b368472a483403a8dafcfbd50f
SHA1

c8221172552e32b33e3f8b93ead10cc05a8375e8
SHA256

83a23e7442fc7be95bdb7cb5886b1a22bdbe539f2cca24d8239126ee9ed274f2
SHA512

4673c355e7337d3369183de18bab3355078be09a6c26f6951659991443e4358543cb24a5c3f270436168993ba1976bdacd6881c6b7d981e29eb443ca17ad1366
SSDEEP

12288:6mmudKdw6IYHmEADyo3AbPTAcxr9JkQ1olGVvQtGVm5C:6mmuIZXxWOT9x7kSxV4c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
df7e15b368472a483403a8dafcfbd50f_JaffaCakes118

Files

df7e15b368472a483403a8dafcfbd50f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 520KB - Virtual size: 518KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 680B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ