1550f0d426382949da3c9c81775e16d2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1550f0d426382949da3c9c81775e16d2_JaffaCakes118
Size

417KB
MD5

1550f0d426382949da3c9c81775e16d2
SHA1

deb3badbbcf63357d627b36d6e2e377e4c2079bf
SHA256

af23269428e14922f25b1004890d3c09e52e3b1f1ee92994381773be32edefbf
SHA512

2f977bf2afcd795f20dba6c663cf3c0a38fc413d2953579fba2d38efaf1514a2107574472ce9e7911b2f4ec599607ad563c3ac142be8415274c4ef2504f26eba
SSDEEP

6144:ql4lrHdcIzWkYxMVZ2D6YmxXdL+6X54b5FU0A83B2XR84lGkbqx:lrzakjv2eYmxXsg4vk83B2X1gRx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1550f0d426382949da3c9c81775e16d2_JaffaCakes118

Files

1550f0d426382949da3c9c81775e16d2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\workspace\xlframework\win32_component\xlbugreport\bin\Release.vc7\XLBugReport.pdb

Sections

.text
Size: 96KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jgd
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE