249fc6f9679bee79af2a95b813b7e743_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

249fc6f9679bee79af2a95b813b7e743_JaffaCakes118
Size

196KB
MD5

249fc6f9679bee79af2a95b813b7e743
SHA1

2deaa196dcac558a10e5d035ab1b6d8d3c59e3e0
SHA256

5cdce7161f0c8cb5ce6d7f7e04a4f01c323abfcae47dfa14d0b2178638f12a42
SHA512

a80d947791dac8d627fb2f5c8f300c798fd015db2ddb22d0e431b810bbc3bbcfd84ceffbed39fec94dc6926bc248119eaaa085bcf02378ee0faa402d1453ffcd
SSDEEP

6144:3JHSAqUC4gS+V3WN2zJ3Bc/7ep+tnxEOx:87h9VbUep6nxES

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
249fc6f9679bee79af2a95b813b7e743_JaffaCakes118

Files

249fc6f9679bee79af2a95b813b7e743_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

userinit.pdb

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 332B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mjg
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE