bb367436118b3298affddea50440ac12_JaffaCakes118 | Triage

Sharing

General

Target

bb367436118b3298affddea50440ac12_JaffaCakes118
Size

1.4MB
MD5

bb367436118b3298affddea50440ac12
SHA1

b2b8d261784991e3c14c6577447362cb6d72634c
SHA256

37f6df44b9dd38408fe5682c6d660eceb04a2915b3420576afce05bf3076bc01
SHA512

f3549647a3e17bf9ca84e67e40311c3906e9b822f25567a434f8ae7ef737d0a10057ff5812fb293f4d2375b1da15b14458b33c3bcff92eb3599512757c1d638d
SSDEEP

12288:3JdXpDQCEm+SSboh6Htaw0gjLozE+LiBUVtfX/KT2fX1k/HmUVpGF9EVxlm:3JDBCh82j0zE+LiIKT2fX1vOm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
bb367436118b3298affddea50440ac12_JaffaCakes118

Files

bb367436118b3298affddea50440ac12_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Administrator\Desktop\Client\Temp\WhpIKGNsBh\src\obj\x86\Debug\TransportHeade.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 216KB - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ