30c380426505d0cc6741782bb917671b_JaffaCakes118 | Triage

Sharing

General

Target

30c380426505d0cc6741782bb917671b_JaffaCakes118
Size

1.4MB
MD5

30c380426505d0cc6741782bb917671b
SHA1

e3584ded8526f2d2559e3bb5bbc6cb1e307c5f3c
SHA256

97b3e4014ca0d298804be4f599b0601b934f88940137f74c91828c984de30969
SHA512

80b75e3fcb55a5d6f0437a80214107c3e40e5aaeba60a194acd836143ae726b396ce3cec0b787cb43a63861aa2dd91e006a43ee86628808ae43d3ad40c5d434f
SSDEEP

24576:VehqOUx1kdlsk5OPOND4mXHD4tTrSbg86YXFsfS4XVMKG:VQYIEUDVpqYXz4qT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
30c380426505d0cc6741782bb917671b_JaffaCakes118

Files

30c380426505d0cc6741782bb917671b_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 979KB - Virtual size: 979KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 345KB - Virtual size: 345KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ