0ef0a1ba5e81bfef679b150afb8bce44_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0ef0a1ba5e81bfef679b150afb8bce44_JaffaCakes118
Size

861KB
MD5

0ef0a1ba5e81bfef679b150afb8bce44
SHA1

82aa7cdabd562d3e4977c7e150704fe330211468
SHA256

ec7faad73f02b72780456ace1885e73701514be7dcf04bf4f9043ba9ef7e6b49
SHA512

1a7f65c0b858ce3bec17d9bd72c2217ea6b1dee271b268e785b7dfd26ec0f05d9b4004bd5ed2d37d8fc80c24c9b611add2a2aa2ce2d2a58408e60df8bd06f053
SSDEEP

12288:0nGydxnlNzOXMVmqT0/UA+GBm8EUtzxlgEpeL8WCz26hhjW48eA:0vllNzOXMVmCKt9lvICSMV58p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ef0a1ba5e81bfef679b150afb8bce44_JaffaCakes118

Files

0ef0a1ba5e81bfef679b150afb8bce44_JaffaCakes118
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

PhotoScreensaver.pdb

Sections

.text
Size: 370KB - Virtual size: 370KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 38KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 213KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.qnk
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE