f017fa69721d8fdebc29a3678e2af566_JaffaCakes118 | Triage

Sharing

General

Target

f017fa69721d8fdebc29a3678e2af566_JaffaCakes118
Size

576KB
MD5

f017fa69721d8fdebc29a3678e2af566
SHA1

8348bab91052b50b06b76e5755990b4276d2104c
SHA256

16f09e3cb4992c3161931f817c6c0fa6eda2cf70a478b6d07831e9b867407643
SHA512

89ab996756eaf13738f0b00fcda9a0c03156879aa0d4221a029eea16775f5a86540649e00bab4d6afe796f915731bc88e99bdafadb6f2ee27f3c89e1e452e26b
SSDEEP

12288:t0MPZEwnNrR9Q9+B2FMMWpKWsKYjkgSZ0M88GzLFrxa9PNB7J4JPEyZe:t0MPZEwNLQ+BUpa6YgnPHZatKPEyZe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f017fa69721d8fdebc29a3678e2af566_JaffaCakes118

Files

f017fa69721d8fdebc29a3678e2af566_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Imports

mscoree

_CorExeMain

Sections

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 127B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 497KB - Virtual size: 497KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ