f9d3506e528a8425ab140f0ed921d258_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f9d3506e528a8425ab140f0ed921d258_JaffaCakes118
Size

266KB
MD5

f9d3506e528a8425ab140f0ed921d258
SHA1

574c6099daa87598200795e34e3115bdfbabd751
SHA256

79e952f4692dbd0027e7ebd52619feff3c38c01d41dabc768c20f42ba7251fef
SHA512

71199b6522e1ed87e2fa4ff72307e876ee270e56e585d232c61e4d13c2428904a98f60056470f8d41b5ef2caeb9f7f39e4b4e585c83c4bfa74cb25236b629f76
SSDEEP

6144:U+MbOYc1ZmM2NpORjyAlp6/40wWF+4Btj:yOYcDmM9jpla40rFb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f9d3506e528a8425ab140f0ed921d258_JaffaCakes118

Files

f9d3506e528a8425ab140f0ed921d258_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 94KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 17KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 137KB - Virtual size: 358KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE