31379be1e4c68d5ca66d03c859e7af5f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

31379be1e4c68d5ca66d03c859e7af5f_JaffaCakes118
Size

5KB
MD5

31379be1e4c68d5ca66d03c859e7af5f
SHA1

9a31ef16b8f81435ce4b006836822786dc06a282
SHA256

54b9b8c9c1fe79d6a279ecdaf4ad8bf21e15e2ba93933bc43821ffb362b81ac5
SHA512

58c5421b90779310484e74753783826f5a646ef722a60e8af6bc27222c84590979609d5d178d26a788c783a317c2293fe2c64773efeed67892269aa47abe9e6d
SSDEEP

48:ad23hIyISSa/WrnpuvlOoEjtZUW0yWjvAuBRezlnTmZAsVxfAc5VXau+1siS2svE:Byy10rnpuKUFedTmZAsRH0sbvHEL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
31379be1e4c68d5ca66d03c859e7af5f_JaffaCakes118

Files

31379be1e4c68d5ca66d03c859e7af5f_JaffaCakes118
.exe windows:5 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP

PDB Paths

sfxcab.pdb

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ