fbad539ef0ce2e9b8018026a86b9c36c_JaffaCakes118 | Triage

Sharing

General

Target

fbad539ef0ce2e9b8018026a86b9c36c_JaffaCakes118
Size

408KB
MD5

fbad539ef0ce2e9b8018026a86b9c36c
SHA1

68981ad492c29ee8f46c5adf59cb9e30f58c4625
SHA256

4ff60bbfc086808dacd3910bc9441cadd9970435a4a67b053400cd6f1ecb2a45
SHA512

9a4b71fe0031a54b253867016c77ec863be1d25d3f39c5d209c41946029e787341045994e9d3152465fa8fe27fa97074370ea44219b5af194f4066cb08b13cfe
SSDEEP

6144:A24y4jmCxs3Ebo0ksC/L3Wr2K72MIQznWzY+Y4QEFpda8Lwh3E8qaOjPcWg5K9:A2N2Cr0Eo72J4+Y4nRfLwcPcJo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fbad539ef0ce2e9b8018026a86b9c36c_JaffaCakes118

Files

fbad539ef0ce2e9b8018026a86b9c36c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Patcher.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 388KB - Virtual size: 387KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ