2c411fbfa019e66652790baa3414e7c3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2c411fbfa019e66652790baa3414e7c3_JaffaCakes118
Size

12.7MB
MD5

2c411fbfa019e66652790baa3414e7c3
SHA1

f7fa231bebe0ce3b9d51d82db7d0bb73e46e3047
SHA256

839d0d7d97090b993312fad40f28feb861f19c47232df92c4d087392c0813928
SHA512

ba8525aec9fd9edf6da7bc0ddb485ec58e7462344a1b668c54fbc03f78a523152310447c5f29fbd163b6594e90ccbfed821b142b0b92a41772cb77a10d511af2
SSDEEP

196608:Wy6C+7T77l9T4V+GArzajnLUgvFlR8/Njk/yzqbVtAxu/mluFepVwbXlJ3K/fsnr:WztTfDTQIvadFQO/HSxHKXHa/fLD2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c411fbfa019e66652790baa3414e7c3_JaffaCakes118

Files

2c411fbfa019e66652790baa3414e7c3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP

PDB Paths

sfxcab.pdb

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12.4MB - Virtual size: 295KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qnk
Size: 1KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE