3641958a9d00566bf67153df134b9b65_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3641958a9d00566bf67153df134b9b65_JaffaCakes118
Size

464KB
MD5

3641958a9d00566bf67153df134b9b65
SHA1

2d5e0acdf472032643f8c762b7693b63a36c0b13
SHA256

cab8b330a0b2fcdf87e682fcc90d114eea359ad4cf1b868d4320603cdd304023
SHA512

ae9258dbbd21cb7811418a3aff2af17a8b52e1b3c44ad6f467400a99b40605930adce50913aca81a5c2527a55c0571f0fcad093293015ad42e3b38525a78bca4
SSDEEP

12288:g+y8b4M10dAzjaN8HTiuzJBNCeLEcKmwHjsMrPvLK/cLMpLvL:g7E4GQnLK/cEL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3641958a9d00566bf67153df134b9b65_JaffaCakes118

Files

3641958a9d00566bf67153df134b9b65_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.MPRESS1
Size: 392KB - Virtual size: 392KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE