2b3eec8b9aee43983d2345c3cbad4d0e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2b3eec8b9aee43983d2345c3cbad4d0e_JaffaCakes118
Size

463KB
MD5

2b3eec8b9aee43983d2345c3cbad4d0e
SHA1

d7f7022f671a92614da71b4f142994de2075217e
SHA256

c221ee3ca9d3c2a3c590acbd64b35f8aa81c3ab32aea9f5c9d18fa370925555b
SHA512

74756a3ee308dfa547a574df1276ce4c39a43b47b6a383b2b93cc6100ad485e1790d8a29af11b3d2ad980a374b326c81eac3996e9aa3179a4da7fb784a05c68e
SSDEEP

6144:NdUkvIYemyBzqUBAJ9xIwLHLGoWgPJ0AKWawGUAekOx2/RQWWqh4+4:lemyBHY9xIMHCAPSAKtwGU/W/RQWJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b3eec8b9aee43983d2345c3cbad4d0e_JaffaCakes118

Files

2b3eec8b9aee43983d2345c3cbad4d0e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

d:\Projects\.NET\Updater\Updater.trunk_4.6\Netupdater\NetUpdater.Starter\obj\Release\NetUpdater.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 457KB - Virtual size: 456KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ