200d662b47aff5c3e397cd3003c470eb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

200d662b47aff5c3e397cd3003c470eb_JaffaCakes118
Size

526KB
MD5

200d662b47aff5c3e397cd3003c470eb
SHA1

4fe9d2258bbedc262433146e9b41a7a9725d0293
SHA256

1041ccfc02d359beb1bf10dd75d385e5c69b4bfee2be31373be0e2c5d42b3b59
SHA512

55e459b61cceec8df3003b8b8aa59725b65bfc480703701a4bc9abc382e56765c37749aaa2e3a49c9f8e8bd63b6b2640469b92243dc9bc498873cdc00dac7440
SSDEEP

12288:pOqe9NdPqYn55mscBxPn2Tiyb1wu6v5W06kYD:pGNdPqYn55mscrsiyJGqf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
200d662b47aff5c3e397cd3003c470eb_JaffaCakes118

Files

200d662b47aff5c3e397cd3003c470eb_JaffaCakes118
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

rmactivate_ssp_isv.pdb

Exports

Exports

?SPVersion@@3PADA

Sections

.text
Size: 264KB - Virtual size: 263KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vsp
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE