49e3e394b0172c59ca9139dce029c9ff_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

49e3e394b0172c59ca9139dce029c9ff_JaffaCakes118
Size

56KB
MD5

49e3e394b0172c59ca9139dce029c9ff
SHA1

77420e29f95f73892ce7bbd4f0e9c92f823e9cb1
SHA256

481f6615efcaf0df057ea5406ca0bf6c8bb69d26e0eb4680c06b9827347e4897
SHA512

c84dd08fa91af01daeb565393120cdcada87bfd0a2d288e6ba3d5cf3f3abd5f6a64e21e5f64bb9e5ae38170c2c43d7e70a83b5ab505d6f244b4d59183075f402
SSDEEP

768:1sSwI/Li6evW+frB90A30HC037Z0Ac0lL0oksmUiZKgKyAkAPP+N4Pf/IVSDmuwd:GIjpepOW1pBsWczDSY3DM4aljjJp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
49e3e394b0172c59ca9139dce029c9ff_JaffaCakes118

Files

49e3e394b0172c59ca9139dce029c9ff_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 649KB - Virtual size: 649KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 179KB - Virtual size: 179KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 3B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19.3MB - Virtual size: 19.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ