fdbaf1cf150f8ce9892cd77f8f57ee3a_JaffaCakes118 | Triage

Sharing

General

Target

fdbaf1cf150f8ce9892cd77f8f57ee3a_JaffaCakes118
Size

2.3MB
MD5

fdbaf1cf150f8ce9892cd77f8f57ee3a
SHA1

30b9e7f9fd621887cc3c0d386e8f39e2d5c82229
SHA256

2d68a08146c225053c8314282aca4053408e85ff77a9bbd302efe44f1db4739e
SHA512

1c9b52214898992d138da884da8c360eb8a40aabb3fa8b9027bcc93686d4f1df2a77f00ecc75944eec063e896b65bc70d1e0c865c6a51e03f1894a4838a75caa
SSDEEP

49152:qAoTSV3SSpwtb9rRbipPihj+dPGyFUJ8pg:qnu3nERmpPiF+9GyFUJ8K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fdbaf1cf150f8ce9892cd77f8f57ee3a_JaffaCakes118

Files

fdbaf1cf150f8ce9892cd77f8f57ee3a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 404KB - Virtual size: 401KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ