3ee79a1adc57ad5ba651c7793eab81d9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3ee79a1adc57ad5ba651c7793eab81d9_JaffaCakes118
Size

30KB
MD5

3ee79a1adc57ad5ba651c7793eab81d9
SHA1

6eece2f61f7a2e66a25c4969d0a0e316b4018a70
SHA256

0b81d609ae9fb96b90b909d59b0e9de43ce3eece6ef2d42f0451330c667f2b92
SHA512

711fa2be8d657076c9e2ce20d139d318f0c6ae1c9b8ccba1d2477893c850da0e9376560e5b41793aefad67699fcdcdacfe7e1ee785d46ccd2bcb3e256e5646e7
SSDEEP

768:8WyI/fjvlsnYglGTv/4iPXmGjr6lx0Saf6+:bxXynO4i//jr6P0BS+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ee79a1adc57ad5ba651c7793eab81d9_JaffaCakes118

Files

3ee79a1adc57ad5ba651c7793eab81d9_JaffaCakes118
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

wextract.pdb

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24.5MB - Virtual size: 24.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ