15c24adc8bd9d4f7f929173d2578b88d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

15c24adc8bd9d4f7f929173d2578b88d_JaffaCakes118
Size

291KB
MD5

15c24adc8bd9d4f7f929173d2578b88d
SHA1

09d6d64ab4fe18e23ee407be9867baeecaa69b14
SHA256

bcd6d3582045d82d9e3f8b38fc7c41bc369ac6aef63f6f03413e9e58b76bf327
SHA512

c210ae30dd57ced9196222b8cddba028833a46bd1b374ee9ac87b3e0c30687ec5634f116154e7f84ca85dc27f71b5a6a25d87b6bd3b718e71cd64d1567ad19c3
SSDEEP

6144:vo7VRJ7FHcmg8p7r5hWTyQaJMf/D1EX91lY+BUEFDra+7KK:vo7rVqmg8pv6TyQuMH5EX9fpUExR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15c24adc8bd9d4f7f929173d2578b88d_JaffaCakes118

Files

15c24adc8bd9d4f7f929173d2578b88d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Users\reVel\AppData\Roaming\Microsoft\Windows\Templates\??6????qY8X??.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 289KB - Virtual size: 289KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 676B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ