17fbd5902e792337040bce9265cbea14_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

17fbd5902e792337040bce9265cbea14_JaffaCakes118
Size

352KB
MD5

17fbd5902e792337040bce9265cbea14
SHA1

8741641c13c01207a939faacbacf0d8c5fecda9e
SHA256

590d022a6591cfa54b7084ae9dd2a0fd1cad82336ce8fffd45fba21569c05c9c
SHA512

a09809193202f48d03f2a49dfbfe8b504b808a722b453a21ebe7a7bd91dc20398f54db91aa6d5609cd55221a6049659436b1cd3246302b1268e106b3607db767
SSDEEP

6144:iwQWLr3mtlbX6limOS5/oXqOU5tZbtHwg78lG22kWieyMyAFx+:Xv3mtZKliqSYtZR4lG22kWi8yAFI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17fbd5902e792337040bce9265cbea14_JaffaCakes118

Files

17fbd5902e792337040bce9265cbea14_JaffaCakes118
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\bt\1015179\target\retail\i386\BBSvc.pdb

Sections

.text
Size: 129KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.wtq
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE