409f30b68b84dc793508cf28ceeccb9b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

409f30b68b84dc793508cf28ceeccb9b_JaffaCakes118
Size

4.9MB
MD5

409f30b68b84dc793508cf28ceeccb9b
SHA1

ff6bf0b1624f3a7eb236b9c8e6bf6e66288580b5
SHA256

5c41076bec787097011084fe9b54c0659e564a0d364dd4009c233326627ac94c
SHA512

08c07a6ca823e67703f6e6647062444c8df5579300ec90a1c460f9cacf036dd5f203768b44263cf7bea25cea5be702cebf9274369acd450b88a304de2d5806ae
SSDEEP

98304:orOuRhvtmHYiH/IL2P/zc1Hb2e89B41DLsqZfqfvSN:M9Rhvtmjb6b2p4yqRqyN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
409f30b68b84dc793508cf28ceeccb9b_JaffaCakes118

Files

409f30b68b84dc793508cf28ceeccb9b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.tls
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dataJ
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lwart
Size: 813KB - Virtual size: 816KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textvb
Size: 139KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdataM
Size: 70KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 392KB - Virtual size: 396KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_BSS
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE