20f790f45b8a9a4cba93979b507c9e34_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

20f790f45b8a9a4cba93979b507c9e34_JaffaCakes118
Size

689KB
MD5

20f790f45b8a9a4cba93979b507c9e34
SHA1

64602bf551b187c507af940b569d5908b372784c
SHA256

6f9bba2b93d72703c81f3b79b605d5807a2e81e65bf21d55c2bb8e2da2a41f16
SHA512

85f7537851b6dd3528f864f137b7c3885c4c0242f2ff324a89229bda959fbb1150dc9be71027dbac1759016956f40e83433d5da868aaa4efe8d0862b92f49413
SSDEEP

12288:zZCErnysEJXouoq+6lQR5SORmZ8vF3Z4mxxfl9WaHNB8zQC9fb40U3eRC7Eavae:zZr0Xou7G3HmcQmXfHWyNB8zQC9fGuRc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
20f790f45b8a9a4cba93979b507c9e34_JaffaCakes118

Files

20f790f45b8a9a4cba93979b507c9e34_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: - Virtual size: 384KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 373KB - Virtual size: 384KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 314KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE