ae20ae4b8b36170ee0fb8654902d962e_JaffaCakes118 | Triage

Sharing

General

Target

ae20ae4b8b36170ee0fb8654902d962e_JaffaCakes118
Size

811KB
MD5

ae20ae4b8b36170ee0fb8654902d962e
SHA1

bd1900f3400bb00b62241f806e10296a783e289c
SHA256

aacc4ffd4879c92125c613f8a8abd7ab81789581d2305e162efbca3ce23ac180
SHA512

382970ddee385fbbb1e96f2df38ecc69cb1ee2b57a356f374b1e1c88c26db17d5401c1eece3a6c3cd7c3f7b624937187aa83c81c59d14991cd1e428d713bf0ea
SSDEEP

12288:Ebq1otKYmdoaRQ44M7wDEmqBRzOyZ+9iW6ZgHK7zXzKboFryF:aq1JYqdRZFKEfDZ+Yn3Kboo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ae20ae4b8b36170ee0fb8654902d962e_JaffaCakes118

Files

ae20ae4b8b36170ee0fb8654902d962e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Administrator\Desktop\Client\Temp\HjWHouicNm\src\obj\x86\Debug\EnvironmentStringExpressionS.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 604KB - Virtual size: 603KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 206KB - Virtual size: 206KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ