f38a65c5077a8e9bfb22aa7629720be8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f38a65c5077a8e9bfb22aa7629720be8_JaffaCakes118
Size

284KB
MD5

f38a65c5077a8e9bfb22aa7629720be8
SHA1

84b2cd6833b3a40651cbf113f35912b12bf7975c
SHA256

691d949080533800792f7de4c2e667f0c01a69335bc5f6d59e4c8e7c51641b23
SHA512

a92104584876aeab58179e56a20b34b43d5b6c809a9fce377a355e8ae072231d632dd82f465e411afe6335ed41dc5dbd24ffb0e2736c1b1de3cbe0ad9fd37827
SSDEEP

6144:EH2/BaCg4sfLjRvUWnMQJVXoC/aoYwF4aJxG2AB4tlOihiuv1LNS:E4Vg4OLjpPnMACC/ZYwFXPGVmfhiEZS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f38a65c5077a8e9bfb22aa7629720be8_JaffaCakes118

Files

f38a65c5077a8e9bfb22aa7629720be8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 700KB - Virtual size: 700KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 135KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 271KB - Virtual size: 271KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ