fe0dcb01fc3fe3d8ba022ea8083b78aa_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fe0dcb01fc3fe3d8ba022ea8083b78aa_JaffaCakes118
Size

1.6MB
MD5

fe0dcb01fc3fe3d8ba022ea8083b78aa
SHA1

ffb1cde87a70bf79e4d82438529558c22786b95b
SHA256

b46edcbb95ed838b957b999065db51e777fed857f79a76676ce1cfbcc624306c
SHA512

cf8e9d1182a82b4abc93d6668caa9af1711bf7e9d23a840a36c6fc8619161872729ca49a6137edc675e4701795d1853d74d21f1ec1b3ae683c520a0410c931bf
SSDEEP

24576:ZEoym1uBv3UHQy5Sk2VtoJdXN0BN2qnw4a+edxoBrLdgg6LfUT:HUv3Y92/oJdXN0BMOwLloBrug6LfUT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe0dcb01fc3fe3d8ba022ea8083b78aa_JaffaCakes118

Files

fe0dcb01fc3fe3d8ba022ea8083b78aa_JaffaCakes118
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\Office\Target\x86\ship\postc2r\x-none\vpreview.pdb

Sections

.text
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.c2r
Size: 512B - Virtual size: 300B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ