18e4270aada60189c8235c89cd8a5004_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

18e4270aada60189c8235c89cd8a5004_JaffaCakes118
Size

690KB
MD5

18e4270aada60189c8235c89cd8a5004
SHA1

b728be56253b459258cc1fc2378687bc3d12b508
SHA256

2df6f179842253a18cdf18f20b983d3c81b6d6a74f7b5e3a6c3eba43b601eec0
SHA512

0a953dc567efb82c17ed8214292eae326a3e10931f1d354014862ed49dbbc414cc6fffa1c44e131334c8cc4c0bd6b7d9b3cf2e093697f1b631245fc31f1e3352
SSDEEP

12288:bjg8+3kUrB0JP5mwE8X9IN6mIGYRWRhG3g6NcAWokF3Z4mxxvZBh396IFMIHTgM:Y8c79cmStwPdtW3g6W/QmXxN6A7kM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
18e4270aada60189c8235c89cd8a5004_JaffaCakes118

Files

18e4270aada60189c8235c89cd8a5004_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 373KB - Virtual size: 384KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 315KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE