1712a59539218b93d01bf4e082fb5656_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1712a59539218b93d01bf4e082fb5656_JaffaCakes118
Size

316KB
MD5

1712a59539218b93d01bf4e082fb5656
SHA1

b535d5b60658995fc69cc4a86b04f8caf52a61f5
SHA256

9861a27c52e97756e71d6f1c7c34f7876710bb1f235d738abe22015c116c81a2
SHA512

917da3ffb70f69f95274cbde8b012b00e1406e7b1a86981c2513fb3adbaa49f5b191739f66c8452b20f591b41856f063dafe51af07b7de557056249db020b5f6
SSDEEP

6144:QuwBmXLgaBxbthwhs2NsLGYJpL8FPLRmS5RSTCBsCxPY1pAzeNz/y/8yL:QuwBmX/Bxbthwhs2NsLGYJpLMsQYBNDu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1712a59539218b93d01bf4e082fb5656_JaffaCakes118

Files

1712a59539218b93d01bf4e082fb5656_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

--------
Size: 835.4MB - Virtual size: 803.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

ion: for
Size: 1622.8MB - Virtual size: 1558.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

e="r4u1.
Size: 1766.3MB - Virtual size: 550.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE

octet-st
Size: 9.0MB - Virtual size: 1750.1MB