1525979a50f8e32808fe2bb92eb89a08_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1525979a50f8e32808fe2bb92eb89a08_JaffaCakes118
Size

1.1MB
MD5

1525979a50f8e32808fe2bb92eb89a08
SHA1

768133c61df187b1cc2d618940198d963474a762
SHA256

b0b69b32da4749d71d1ff18d20120ccb9419ee8a9fea54dadc8c9a1ee704fdb2
SHA512

20c4249a9ee7d5f5395661f4f8a8d9665604d28694e5fb5d2679d48b1c6204af65628830e8f99880a036b2868c55a66ad4027abb4747c40367f290fe119d08cc
SSDEEP

6144:6sgwIG2YemWwIn2A7QK0dsUVwuTnzD21R4l+Tg9qroOuHkGcl3n:60IZY4wIn2AUD21Rm+MnkGcB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1525979a50f8e32808fe2bb92eb89a08_JaffaCakes118

Files

1525979a50f8e32808fe2bb92eb89a08_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 251KB - Virtual size: 251KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 27KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ