0e9f6a4b9a99d4a5fe62823f4f40cf7c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0e9f6a4b9a99d4a5fe62823f4f40cf7c_JaffaCakes118
Size

182KB
MD5

0e9f6a4b9a99d4a5fe62823f4f40cf7c
SHA1

be99bd55412a6d60836f887e4ac3443b459d2113
SHA256

b2c2ad4f4e89dabe9079958f3d1cb325f6096d42c3fb353c9b6f782eeeea5dc7
SHA512

d7c07a993060f36a2b3b42611f0f636846ae825ec8b0b4d950b0f9730bf20c53df92aa2d547e7842bef6fcf9380c4709dec2b17da7f36468bb99cb21d9af1362
SSDEEP

3072:x0LpXCpKHiGNWBPMmjhMu8wjwWMyyWEfZmSlurB5pIJ9yMhr:mVSIzoNMmau8iwWM7WEISlU17e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e9f6a4b9a99d4a5fe62823f4f40cf7c_JaffaCakes118

Files

0e9f6a4b9a99d4a5fe62823f4f40cf7c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

BeginCvgobysp
GetAfvhoyhl

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rcode
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata1
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE