49682d34d4f4cf3f3c800c6cda444a35_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

49682d34d4f4cf3f3c800c6cda444a35_JaffaCakes118
Size

277KB
MD5

49682d34d4f4cf3f3c800c6cda444a35
SHA1

9ab14b3695bc664d8606af166c2e8fc5367c4ae3
SHA256

21e06e6a5d444baf66940e9efa220f0bcfc275f7607d24b927856763f951fd38
SHA512

82e44a42c59220d723e026e782bd825d0287913392bcdd7d2250a78c3a10bf03f0fa7395c788b6f661082a6c22a9ee5fef699a37c61c5ba7573c80cb41472b65
SSDEEP

3072:o7t+L9G8wMkLVedwCOtqu8x20bWylT5M3MFbGy1tb79LmgAgI3G+ksF8P85qBvS9:pG8wKdwkQ0wcJ96g9+q85q0pJb9hCA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
49682d34d4f4cf3f3c800c6cda444a35_JaffaCakes118

Files

49682d34d4f4cf3f3c800c6cda444a35_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\KCode\dgsvn\product\win32\dbginfo\dghm.pdb

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1012B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.yvs
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE