f1aa28fcf0cd2cb6cd5dbc4908ca8590_JaffaCakes118 | Triage

Sharing

General

Target

f1aa28fcf0cd2cb6cd5dbc4908ca8590_JaffaCakes118
Size

1.4MB
MD5

f1aa28fcf0cd2cb6cd5dbc4908ca8590
SHA1

bbbc7c2ae78c2d9ac3578417ee6ad7554bdb0c27
SHA256

1b80ff02d64c454a3965d1c7ba536c5eca9e3c289301da557496f938c2a24a95
SHA512

0fff26d72d92d05ea4d804a085c6928d0a0cb41ab6eac823be1168f98024627fca382b6d4d526b6b34c8c919d078d32c4150961bb164f1a6f0a718720fa75c98
SSDEEP

24576:Q3oTCAVKjg0w9lrGzYwvpNIj/lj+0OFmvN+C95gi04KU6tpuFAD:Q3cCrD0Qcwvpq/HOFWNfNKU6tpIAD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
f1aa28fcf0cd2cb6cd5dbc4908ca8590_JaffaCakes118

Files

f1aa28fcf0cd2cb6cd5dbc4908ca8590_JaffaCakes118
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 200KB - Virtual size: 428KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 43KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 16KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 113KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 174KB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 927KB - Virtual size: 928KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE