012898cdbeeabd8c9605096d166314f5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

012898cdbeeabd8c9605096d166314f5_JaffaCakes118
Size

1.1MB
MD5

012898cdbeeabd8c9605096d166314f5
SHA1

e7a66322e121ba85073b148eae2634f6d55dd5e5
SHA256

558522c33cc4e84608ade2e52fdbdb698e4114f427078c3e539c2ea5a27e152c
SHA512

293d27976a4931ae3a7dd0f6d6276ecba10c04ef62d2b319f7c037876d609af7f75b0a955edc6100f801350a18c26d46a7cda760fe2e54aa9c324ec70942e6a0
SSDEEP

24576:p/dHSedv2gw6gVpFPdEyKkkJwnrAXR0CGxY34ET8Mg0:WfOUAXNjT8M7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
012898cdbeeabd8c9605096d166314f5_JaffaCakes118

Files

012898cdbeeabd8c9605096d166314f5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 729KB - Virtual size: 729KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 242KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ