4b3aa1ffb05416d6ef9e0595360e2d54_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4b3aa1ffb05416d6ef9e0595360e2d54_JaffaCakes118
Size

5.1MB
MD5

4b3aa1ffb05416d6ef9e0595360e2d54
SHA1

b0c6ff19601a4d35c822040eee9124a542b37173
SHA256

947c5876cb6a987f950fc8b344b47560b97d558e56ee6cf8f5e9f1a6957f11c0
SHA512

8b04f83e6048b0f8ca0a308da63176d276eccc6e71146276f0e1c23467656f4237371e09ae22eb1d52a8e524f5cc2e77ed64d28d4704adbe6e3ba6a21f229129
SSDEEP

98304:ois7yl7rqrgzZoq5GIJDmo2M78crkl8t4Q5hBgCjx5PCXeCxHn/0:Dtl7rroqgvoBs8t4yQAxB0ZM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b3aa1ffb05416d6ef9e0595360e2d54_JaffaCakes118

Files

4b3aa1ffb05416d6ef9e0595360e2d54_JaffaCakes118
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Sections

2AFD0sI%
Size: - Virtual size: 2.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

TVVN4VoC
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

[Hl;iUfg
Size: - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

2OX@"))O
Size: - Virtual size: 27KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

%>DKrNz@
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

7qZXbgHd
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

7*sI2Vqi
Size: - Virtual size: 188B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

>R5Rt'/b
Size: - Virtual size: 69B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

",@3!(>x
Size: - Virtual size: 5.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

f-FrV9px
Size: 8.3MB - Virtual size: 8.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

\-L?jXpR
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ