ef98d28500a8f193004c5d1b19746f26_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ef98d28500a8f193004c5d1b19746f26_JaffaCakes118
Size

198KB
MD5

ef98d28500a8f193004c5d1b19746f26
SHA1

7cb6024255102b54223067d95dcfb6b40646dc8c
SHA256

16c385b0c8f713ce2a6658bfe8c422c9fdab15667ac86702385e3b8d9d78b363
SHA512

5edfd79d1d23d827a1a41d8ce19925f5ca1b59ee7845cdb75a8402eb957dc46bdfc70768ba1f8dac3c70a1f4b7cd05901c03a0f961e23caaee64cffe32934981
SSDEEP

6144:+Ktkp3t9GKxaWGL8Z9DMaS6RsYKG+Vc8iK:+KIfx9GcDJFRHKGB0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ef98d28500a8f193004c5d1b19746f26_JaffaCakes118

Files

ef98d28500a8f193004c5d1b19746f26_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ