da1f26afd43c51be872cc8c7fba46015_JaffaCakes118 | Triage

Sharing

General

Target

da1f26afd43c51be872cc8c7fba46015_JaffaCakes118
Size

346KB
MD5

da1f26afd43c51be872cc8c7fba46015
SHA1

5f40f4a20f8d904920ee1009b7ac42357da9177a
SHA256

7b96bf5c721509520772201b9457f7e8f844ad8642433895425e578c1d23e72c
SHA512

cec4a3be7511c12aed157efa83d4ceb647a5b8a431c51ac73b17648a8b6316a2342123cc4256e3ac5683d482368eb4e602cf5de7aceaabb2d382a409bb4f8bad
SSDEEP

6144:A/ACV4TCp2NtUoApUd47Bu7A7hAcX6GOSTd0CRd2SAz272EQNUOCgUma8oM0uCq:A/ACV4TcJpUcu7AaNGOS6CRbAIXR+U57

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da1f26afd43c51be872cc8c7fba46015_JaffaCakes118

Files

da1f26afd43c51be872cc8c7fba46015_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\GANGSTA\Desktop\runpe\obj\Release\microsoft.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 109B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 279KB - Virtual size: 278KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ