2f96dc5d692baa994202a34a7c089e91_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2f96dc5d692baa994202a34a7c089e91_JaffaCakes118
Size

487KB
MD5

2f96dc5d692baa994202a34a7c089e91
SHA1

567c9ed36aee35a566def918b1baca6cc1c0af63
SHA256

c59691d917598374cfdb86ae0fe5edd3a8526b32462cc37b8cf9c4d59b551492
SHA512

cc2a98cceec15bc40ed5bb74e6cb1053f22e371901d12e118c5ef67064c68ac2e56f4523ade278679cede28684268fa05b266cd72a25b02a7255e06b58ad59ac
SSDEEP

12288:RC5euMZVkJ/jqXwZcDF8fNDpjqJcCfCrBnxRq7lXA:RCx23gZcDFClMJc71xR0lX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f96dc5d692baa994202a34a7c089e91_JaffaCakes118

Files

2f96dc5d692baa994202a34a7c089e91_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

,]>\okUF
Size: - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

M6g-hbkk
Size: - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

FwTt1J?G
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

iQ'K$>K]
Size: - Virtual size: 420KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Q6>h9<p4
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

E^`fOV\#
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

+RX"At5B
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

nfL4O$Vh
Size: 417KB - Virtual size: 417KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ