0c7ba640b526bc8a0f8e73f0dcb2f4c2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0c7ba640b526bc8a0f8e73f0dcb2f4c2_JaffaCakes118
Size

708KB
MD5

0c7ba640b526bc8a0f8e73f0dcb2f4c2
SHA1

fbe8cab7f722f0de3115e780a93cee49ead42831
SHA256

31291ff54e4a566dbb79dd97cef8e204e4d7ec41cbc529707d1efc7c9f962f2a
SHA512

cd6ecfd7fd1948f0e3f7e55d78dc20701ec69e43fb7d6f986afaf3479ff4320484e3f314b1c086c82e0dbe34e050b2e6a265dfcb66a9a4a7a74bd4d304935edb
SSDEEP

12288:56w3crdt3xaJFpzrnz9cRdmlhaBRXjIj25c9FFDGos:560M8pzrnz9omlhURjc9FFDW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c7ba640b526bc8a0f8e73f0dcb2f4c2_JaffaCakes118

Files

0c7ba640b526bc8a0f8e73f0dcb2f4c2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 318KB - Virtual size: 317KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 237KB - Virtual size: 237KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ