1b29ab3e8034b05b57d155c5a1004e10_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1b29ab3e8034b05b57d155c5a1004e10_JaffaCakes118
Size

338KB
MD5

1b29ab3e8034b05b57d155c5a1004e10
SHA1

92d4af5e81b9d9a956ac4eacd1e7c57cd225c714
SHA256

853af68fd8775a899db4a278c4cc20e5113629f9dd0094ff8fb2b09bb560b8ef
SHA512

da0b7ad560d59adb62fc5b6282373c75f5683e515a10a3e93bd53a8ff39455cace9672c11af71c5376e01def2c5726c848f7eac3cf90629c2b1df8062f11b3eb
SSDEEP

6144:1N0N5hVsYqtArnEmOP+5VTHlYZ57AnZoY+gOoiCg8pRVc0/WW73vlyAJ+1:1N4DsNtADE6VTHlFnZAglK8/VEWjNa1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b29ab3e8034b05b57d155c5a1004e10_JaffaCakes118

Files

1b29ab3e8034b05b57d155c5a1004e10_JaffaCakes118
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

wmplayer.pdb

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 155KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 388B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.lif
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE