f982412c1068c62c74e66e33d22f126c_JaffaCakes118 | Triage

Sharing

General

Target

f982412c1068c62c74e66e33d22f126c_JaffaCakes118
Size

190KB
MD5

f982412c1068c62c74e66e33d22f126c
SHA1

2abac49c1945c84afbf043294caedb466ecc9a6c
SHA256

8f0de9561c819a2ac7f490afebea87ac5a80fdc6af0877210e3601ad89de8310
SHA512

54afecfa208207f1605382fdbb907e4f0f58d30fb7a749cf91a5a31ec23ff7968ca85cf17543f06c57e0b683c6274c8ebb224d1f72df6d1b0dc52a0543b44a6e
SSDEEP

3072:mnb3hr6gHOACLkhR8xD/5TaBOR5OE1EM2jASY1atZgn37zpnop2WtXvs3R:o3hr6gH3N4xD/lay92NgvpnoJtEh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
f982412c1068c62c74e66e33d22f126c_JaffaCakes118

Files

f982412c1068c62c74e66e33d22f126c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 59KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 15KB - Virtual size: 364KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 109KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE