1c9804c0e929cbeea412caf6af350742_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1c9804c0e929cbeea412caf6af350742_JaffaCakes118
Size

312KB
MD5

1c9804c0e929cbeea412caf6af350742
SHA1

b042e1e46d8a951206bf553ffaf4311cf90ba301
SHA256

21783a5d6c37475fb1c89414cc5e66b3c27944adfe8197ec313b932e38814d95
SHA512

9c3653411c0a2b5acd77ff3ef2ca08e063cfc8a5c354618b43f0be0b2b798aaf0513e97d59a54b32ba97e174c9707b56433af8953cab28a2e6a670230bed5a73
SSDEEP

6144:muwZe4E4ulJOAIoFaZjXnFhytLQjnW/zSlO92CMruES60zbxRQqZw:j4ETOdoFo3FhyNQjncpnzbxRQqe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c9804c0e929cbeea412caf6af350742_JaffaCakes118

Files

1c9804c0e929cbeea412caf6af350742_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

puto
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

puta
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

zora
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

narcis
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.newimp
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE