2ede8aa53e5414cfa1caad2e75b55669_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2ede8aa53e5414cfa1caad2e75b55669_JaffaCakes118
Size

199KB
MD5

2ede8aa53e5414cfa1caad2e75b55669
SHA1

cfdb98072e098c31cdb844b36f2cfc3b744ac622
SHA256

2eb320a442390e23930fba349c3d7b0ad188bde457ed975a57dc3eef1d75f46a
SHA512

d43521202ecb985b850499d67ba100e9bcf7bdee88b80aef5b8567f337f141102caf08d38e368b7936394f49cce112353bd47e6c41d4f11f6e83cbeb5fc8d07f
SSDEEP

3072:imr3t+aUk+9LCvydcBUAx+SlKJ9VbiFYCoqmp1efPNIUf8c2XtDNHG7bUBX:kIGbV2YCueAWbG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ede8aa53e5414cfa1caad2e75b55669_JaffaCakes118

Files

2ede8aa53e5414cfa1caad2e75b55669_JaffaCakes118
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

wlsetup.pdb

Sections

.text
Size: 721KB - Virtual size: 721KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 79.2MB - Virtual size: 79.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ