e8f603a630bcd9e176595f50f676deb5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e8f603a630bcd9e176595f50f676deb5_JaffaCakes118
Size

198KB
MD5

e8f603a630bcd9e176595f50f676deb5
SHA1

b4b8517dcf9d4ead4cc403a813c1278f9f7cd524
SHA256

9af4905c6c01f28b227fd541a059dfefb3b5339f206ba3b60a409dfb50bdb078
SHA512

6f1c4bfb08a977d512d7c5d41094175904df95931dfc00d492e7741c4a2c8b2a2d2fbf4e2fd81854c793c598c372de244df06dbe2a1fd3030f62efc5289fc756
SSDEEP

6144:r6bzgIwkEKCEoFScvTzj39Qdyoh3t4py++bj:rkcbUUSyzj3ekoFtqy++b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e8f603a630bcd9e176595f50f676deb5_JaffaCakes118

Files

e8f603a630bcd9e176595f50f676deb5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\ehBabubeljoZipspaloafrimant~\usetiehormagirkbinaimcarayex\fateabodlakeKerfamCoedbatofpis\Busyshairstawlaxnufubonatofpis.pdb

Sections

.text
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.psikif
Size: 1024B - Virtual size: 684B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Tide
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hodta
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ