ea82322f75fa9f7807873660db399a78_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ea82322f75fa9f7807873660db399a78_JaffaCakes118
Size

117KB
MD5

ea82322f75fa9f7807873660db399a78
SHA1

8b29bc8572519ce2c40632d1d1d8c2230c68bee9
SHA256

3f8bfe59ad62efba22b1c33f35e8e783eb085436153aa610c6f45d8d9e1a66fc
SHA512

31c49b08f2942f9cf8a6690b6e20638d1b1866d2a6b00af1cab1a82778d0c33bfa0420070faa58ff5320573afaa05782b9efa6e1a5d64196815aaba91f9d9f5f
SSDEEP

3072:7kjIqwVD2jqk+rE5Hd3aOHdQNMHHd74C5ExBkYzO3keWU0xYBxf4/R7d1NGHr6Gv:71ksfEh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea82322f75fa9f7807873660db399a78_JaffaCakes118

Files

ea82322f75fa9f7807873660db399a78_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\FusionCTRMClient2017\branches\FusionCTRM_MasterDemo\FusionCTRMReferenceDataCache\obj\x86\Debug\FusionCTRMReferenceDataCache.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ