f4c8cd36be98c17419c79f51acd70e65_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f4c8cd36be98c17419c79f51acd70e65_JaffaCakes118
Size

916KB
MD5

f4c8cd36be98c17419c79f51acd70e65
SHA1

74df66f0177fcada49ecce8b45de759c715e3514
SHA256

075620f61401473f2736acb7f7f1db0b8b27cd62e5113f210521607a4c781e75
SHA512

4f8050d8f76cf6f088f32c0d48e44668843abbff2740150ce92b0919872bf68eb99ba65c773a02e5623cd8fd1dec5526749d95e2e349f987c25443703847e1b5
SSDEEP

24576:hkRtDS7ZriB4A5wiMB6WTA+M8VZ1NA6M/QWq8:0DGc9EBA8pNA6M/Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f4c8cd36be98c17419c79f51acd70e65_JaffaCakes118

Files

f4c8cd36be98c17419c79f51acd70e65_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 17KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 79KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

WinLicen
Size: 815KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE