389554115f8b5779ec151da1cbacdb14_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

389554115f8b5779ec151da1cbacdb14_JaffaCakes118
Size

886KB
MD5

389554115f8b5779ec151da1cbacdb14
SHA1

ab6f5fb81627622921d9e781b8730538fc7611d1
SHA256

05ef7382e108f78e175e6e9860af440b67085d99476b16435570ab5216580e7b
SHA512

ec38b39f745ea5446662080e3f66362427b7b06b6c17429b32c251bca98632320a60ff11be9129af04a9ac4a1689a9a39a3d3b6de0e78eca7f5827361ca66e07
SSDEEP

24576:0Hn1mTeeaqvcedGM8upLbgkT975h/4u6G5J8R:g1mSP6FyGr/7PK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
389554115f8b5779ec151da1cbacdb14_JaffaCakes118

Files

389554115f8b5779ec151da1cbacdb14_JaffaCakes118
.exe .vbs windows:5 windows x86 arch:x86 polyglot

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP

PDB Paths

D:\binaries.x86fre\SCP_WPA\update.PDB

Sections

.text
Size: 607KB - Virtual size: 607KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 503KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mjg
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE