fba383755a02de16ecef8b7e32d44341_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fba383755a02de16ecef8b7e32d44341_JaffaCakes118
Size

267KB
MD5

fba383755a02de16ecef8b7e32d44341
SHA1

b54d2d40edc55a15ef18d052dfbcf73ca01cbb76
SHA256

e0eb27479a71f8454e244d13716fe94f482b67284408aac32e24cfa463992ef9
SHA512

6f5388bd18e8a462937f214efeec04d30a93ab7488d865ded1ebb88481d8f4f0e8465276c3712bef055286c4fd5135b80de105b97211c784e0e4d3ac4061616d
SSDEEP

6144:pfkDTC8ldPOjJTdHTGT7tkCkHcvOjPgjCBMpObmYzt:p8DjldkvzGvec6pC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fba383755a02de16ecef8b7e32d44341_JaffaCakes118

Files

fba383755a02de16ecef8b7e32d44341_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.xyk0
Size: - Virtual size: 644KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xyk1
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xyk2
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xyk3
Size: 260KB - Virtual size: 264KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xyk4
Size: - Virtual size: 454B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE