f9f833656f1b805ff594fa51e17a58df_JaffaCakes118 | Triage

Sharing

General

Target

f9f833656f1b805ff594fa51e17a58df_JaffaCakes118
Size

3.0MB
MD5

f9f833656f1b805ff594fa51e17a58df
SHA1

c66a48ebe5e9edc2a9fa437ec9fcd947455592d1
SHA256

27037af853faaca35eeb632f3329c5f174ada17b334f715b21b5ef99c363dd72
SHA512

313bf0ba605459fdb089c36953b0a9224d35268eae6c1b3175c71be15f1c55687c5306e0338d2862377aa3394fa6a0bc4eabe1aeb984121589a2ec71a8546817
SSDEEP

24576:AOGhKB5/bSHDxKh0qcBElTYgH6HxbQPStAq88888s888l88t88IHiy3p4P1blLwU:T3tqKhUEJYgaHxb4WoCvFDh+N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f9f833656f1b805ff594fa51e17a58df_JaffaCakes118

Files

f9f833656f1b805ff594fa51e17a58df_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.enigma1
Size: 120KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.enigma2
Size: 272KB - Virtual size: 272KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE