0c63a62e2131cb691c814fe66ff011c3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0c63a62e2131cb691c814fe66ff011c3_JaffaCakes118
Size

2.5MB
MD5

0c63a62e2131cb691c814fe66ff011c3
SHA1

1d8ad7b0094b2eaebc62166974332fec8fa2c504
SHA256

c83c75f3c71620cc6ba447c2295c82eb692db0618305899e96fca8d96d881c5b
SHA512

2773adbea1bef4bf60045eca800793044540dab85d13db397ee7c35c85ea7df6951c210eb80d22c8b03c7cd7cd5dbedaee24bad8109b4fe0bb8e5c219860a01f
SSDEEP

49152:JfXFHal5909i4SY+FjyGGS2kjk4Xh/GIs+d/+vXnhP0p0jSt:J/cl5CHQjyk4b+56xPG0jSt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c63a62e2131cb691c814fe66ff011c3_JaffaCakes118

Files

0c63a62e2131cb691c814fe66ff011c3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7c076dd55a1d70b041b6b002f233f246

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32 kernel32

LoadCursorA �R]

Sections

.text
Size: 1.7MB - Virtual size: 5.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 768KB - Virtual size: 768KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ