ea2899676bd9e308df40e233a502d9da_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ea2899676bd9e308df40e233a502d9da_JaffaCakes118
Size

485KB
MD5

ea2899676bd9e308df40e233a502d9da
SHA1

8fd7f311f42f34a6a4a90f3ed084d61d6f0f280c
SHA256

1388e41de370a7e5359eb945ce0cd532fc4dbabf6932c220247cd2506757b150
SHA512

65cfbbb770b70ff270b5e16fcbbdb3555aa3eee7409a8f21b7ecae1a7afcbcc174dd8b5fc9c81ff58f5bd92affedf94fc9f011fa7d51940ae3fe1693ca9df17d
SSDEEP

12288:FfA0gxLCGdVDWCZIKJkBUySXvAMfoZBpZQUR5pYs59gsNYInbBduo:L2x9uKJkjGfo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea2899676bd9e308df40e233a502d9da_JaffaCakes118

Files

ea2899676bd9e308df40e233a502d9da_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

N>l6Q6
Size: 356KB - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 680B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ