46261180d877165fdc1d470e4f044294_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

46261180d877165fdc1d470e4f044294_JaffaCakes118
Size

246KB
MD5

46261180d877165fdc1d470e4f044294
SHA1

815f10e4e265eb42b826139bfd88ef77c508be9a
SHA256

223bb120cee4f70982b5ee2ed14a3afb7a987afb8720c89e733a11de0edb09f6
SHA512

ba589ef955072efa908618099eba16c0ee2dc4fdb06431be1cc1b438c354a6f41c4c63e0ba3e0d03ee4e144111f5f660b7023a8599a339ef904e9a6b5ba83eb5
SSDEEP

6144:pDpoeb1LHBdB+XWCDTG2hx+rJ20QjGPPW:pl+WmTFgrJAGPO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
46261180d877165fdc1d470e4f044294_JaffaCakes118

NSIS installer 2 IoCs

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2

Files

46261180d877165fdc1d470e4f044294_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 116KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tqn
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE