1269bbb536e0a4137a4374cb56ad6846_JaffaCakes118 | Triage

Sharing

General

Target

1269bbb536e0a4137a4374cb56ad6846_JaffaCakes118
Size

1.2MB
MD5

1269bbb536e0a4137a4374cb56ad6846
SHA1

e1d29f67cb6b67f5633e13b1ef1657af8b15c815
SHA256

25c387854c05e6bb5b83cdc4f3a5b8151f563a3ed868fdf3017ef27fb1b6085f
SHA512

07d7dbecd4973b722535fd3242ef8a92bd907bb151e96d7da1f6750c9f1a462ddaea52d4977468e54f5350c5ea2ee3471cfb44d3273549d99fc203b0970cbe94
SSDEEP

12288:owYEMLjHOGDSaJOF4bpf4q0+0Tm4QmOe5/iG9shncIH7zoBnUYehT:oDaGWaI4bmqP0FnOU92pfSqh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1269bbb536e0a4137a4374cb56ad6846_JaffaCakes118

Files

1269bbb536e0a4137a4374cb56ad6846_JaffaCakes118
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\Visual_Studio_2012\Projects\N_C_V\Release\N_C_V.pdb

Sections

.text
Size: 419KB - Virtual size: 420KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 186KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.bl
Size: 332KB - Virtual size: 332KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bp
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE