302170485bd76f5aa7674e3e84a59b85_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

302170485bd76f5aa7674e3e84a59b85_JaffaCakes118
Size

640KB
MD5

302170485bd76f5aa7674e3e84a59b85
SHA1

2409adf65f49de26cd0c2e39b6ec62fbdf9ca999
SHA256

ed6d2c92354767e9a49ace3fa64e8a1c3c3cc8e08c59f8cd25dbaddf3f713b74
SHA512

df314b4023f6b4d82e6c5dcb002e430cc49b358beaf949b10b3d387a7862477ee896d59cd4ea58f3b10a3722373fbdca4a744bcf5a182bf8565b9d43ae85e066
SSDEEP

12288:kMDeHmkqAvcmLUt8tOnzjY6RU0AdbKP65O3PVqfhOY9tx/4+TOvOcvT9UIlTK99H:VamOfUuAXodbKi8g/9tx/4+TN8TbTe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
302170485bd76f5aa7674e3e84a59b85_JaffaCakes118

Files

302170485bd76f5aa7674e3e84a59b85_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 424KB - Virtual size: 424KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ