JaffaCakes118_6946050338e8c97479ae653ffbfc4020 | Triage

Sharing

General

Target

JaffaCakes118_6946050338e8c97479ae653ffbfc4020
Size

528KB
MD5

6946050338e8c97479ae653ffbfc4020
SHA1

c35b5d0f5c820765a00e77887d093cae91d4d919
SHA256

55a5b5ca5878f2ce975ae2800c6547fdbca21dac1e7cbfe1f0fc75933a1a6bbf
SHA512

b9c5d35bdd344596aef8a7b2929a3b8ce4b0ff0c3b7593216a3349fd2ce29d516b95eac66148ef0239098a1a8a0ad13f0e554c8df4723c0ca353e287afa7a2be
SSDEEP

12288:rSdPeMcE2P7eSkb2A3FiEIIwq4yc8LKAd/vf0Frwxl:+dPkE2a2A3FL3gLYKA2Frwx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_6946050338e8c97479ae653ffbfc4020

Files

JaffaCakes118_6946050338e8c97479ae653ffbfc4020
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\windows\AppData\Local\Temp\4dksuvj5.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 512KB - Virtual size: 508KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 4KB - Virtual size: 101B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 680B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ