e89e10eef622f47eb00cf75ab1d20820_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e89e10eef622f47eb00cf75ab1d20820_JaffaCakes118
Size

721KB
MD5

e89e10eef622f47eb00cf75ab1d20820
SHA1

3b26a4fe2fcc6f7cce2aae026d33f0a3bf68614d
SHA256

09c68dfc4a8362cff570bd1500bcaa1858bc333bedca884e5879b7189463357f
SHA512

3a2c5d0e9d46fdb4eb3d62c4a39cf56d917a672da7d04fd5e6eab72e4877aa5514a95d691300d1ea1591ef74f5108b2fa43f4b27b7cab74f4070006360563216
SSDEEP

12288:4brmD2U84ZF0Lg/DRZhf0deU/N9M+ugdM4WC6wK3Mu2tu5IA4ldRNwnSa9TB63p:MmDtaLg/DRZhf0deU/N9M+ugdM4WC6wa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e89e10eef622f47eb00cf75ab1d20820_JaffaCakes118

Files

e89e10eef622f47eb00cf75ab1d20820_JaffaCakes118
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\Office\Target\x86\ship\postc2r\x-none\selfcert.pdb

Sections

.text
Size: 153KB - Virtual size: 153KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 178KB - Virtual size: 178KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.c2r
Size: 512B - Virtual size: 340B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ