24d7e953e0e46be83259ee83168f7088_JaffaCakes118 | Triage

Sharing

General

Target

24d7e953e0e46be83259ee83168f7088_JaffaCakes118
Size

836KB
MD5

24d7e953e0e46be83259ee83168f7088
SHA1

b36eb7432248d008797aa3d45bdc0df6e15b6862
SHA256

5a770772b4d547660b1c784c094f08ce7547d6bcea38b31056397506461371fc
SHA512

246136880d077ed6c7fde2ee491f644954e6640c518cf6324d2fe4a4750db5121a324f763559ac6714410506c1dc2ad31d719cba7369ed8b2d1113a8becc6a55
SSDEEP

24576:u3C7YAHQOM5eF/j60kbA6t5DONNtuxkeeS:u3C7HseF/jyAe0N3uCR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
24d7e953e0e46be83259ee83168f7088_JaffaCakes118

Files

24d7e953e0e46be83259ee83168f7088_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

:`|g
Size: 706KB - Virtual size: 705KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 126KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ