fdbc6e0bf6a0942017b7171aeb65226e_JaffaCakes118 | Triage

Sharing

General

Target

fdbc6e0bf6a0942017b7171aeb65226e_JaffaCakes118
Size

3.0MB
MD5

fdbc6e0bf6a0942017b7171aeb65226e
SHA1

356f888eb01bad2a2681d8182bc25fc311ad44ac
SHA256

730834bffc5a9f7453a34177470f7c1610bfabe1203e79414c219738c8d17749
SHA512

2208fff3fdc90199c78592f08ef2142742dcc93c111824003cfda0269bf83e76ec4c084cdfe0938b4319009af667082ca8db936d926d7e8e2f7156a9e13e1047
SSDEEP

49152:5aZ8BTXY1/yGAn1qCL4AZjnLZeUppMv0D5dt0bf421z6ifB4yMTinXBgJ:QGngctLZM8WbQfc+eRgJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fdbc6e0bf6a0942017b7171aeb65226e_JaffaCakes118

Files

fdbc6e0bf6a0942017b7171aeb65226e_JaffaCakes118
.exe windows:1 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ