JaffaCakes118_1fe5a90e2ae466a1592fbbe1f36eed42b5d50ab0d5090a2a601a1c52f9a38e7d | Triage

Sharing

General

Target

JaffaCakes118_1fe5a90e2ae466a1592fbbe1f36eed42b5d50ab0d5090a2a601a1c52f9a38e7d
Size

700.0MB
MD5

5cbf88d9ac19d0f1e7bc1ad7f832fd4e
SHA1

42e5c569044bcb1b2e0df56ed619de4857441953
SHA256

1fe5a90e2ae466a1592fbbe1f36eed42b5d50ab0d5090a2a601a1c52f9a38e7d
SHA512

9dbe161830305a3d0bc3228978e20575f4b1936add27670ab09d9194a89d8f75b8c01c8fd0dceaa8d8bf7a28a50143c2d68147dafdf9a64001b1bd2f7b719c90
SSDEEP

98304:2aiY94OibC7uFOqRNAGmW0XPfd3g6+H+lIZAuLYO:2zgEOiNNmW0XPfdg66j5LYO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_1fe5a90e2ae466a1592fbbe1f36eed42b5d50ab0d5090a2a601a1c52f9a38e7d

Files

JaffaCakes118_1fe5a90e2ae466a1592fbbe1f36eed42b5d50ab0d5090a2a601a1c52f9a38e7d
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Administrator\Desktop\Porter.DuffX.fermode.extends.module3 - Copy.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 576KB - Virtual size: 575KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ