f51aa16d10c42f0c3ab5dc4b64d208d5_JaffaCakes118 | Triage

Sharing

General

Target

f51aa16d10c42f0c3ab5dc4b64d208d5_JaffaCakes118
Size

175KB
MD5

f51aa16d10c42f0c3ab5dc4b64d208d5
SHA1

261545ab71867d3a8fd0a92e0727c3426de6b3ef
SHA256

47d62d6c7ef10110f5b66d143ff6ab0005202d638bd796e3f78db900cb6b0cc6
SHA512

ae2d7054f1318a08bb983833e7bd2be58eb2140a35206b8d48da751ac2ae46401aad4687e56e2bface32a3d665c0aad59e3fe0aba40ebb2f50fdb6218d6ceb94
SSDEEP

3072:uU++H0toE9revQW6ZBx5Eb2fwpm1tjeLS3I//uHsZSHMNLfKebLe1svdA:9/yl/5Eb2fw1LSYUzoGq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f51aa16d10c42f0c3ab5dc4b64d208d5_JaffaCakes118

Files

f51aa16d10c42f0c3ab5dc4b64d208d5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\bexucorkmaysla\petgashUrsasla\saybegs01Ajeeax1be\Weel9RubeOnlyhmmie\Cultduihmmalab0lipa.pdb

Exports

Exports

IsNotSystemOriginal

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Obis
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bis
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.oypac
Size: 1024B - Virtual size: 726B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Coni
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ