5d44d6680dba4cea195c667ca5a9f903_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5d44d6680dba4cea195c667ca5a9f903_JaffaCakes118
Size

896KB
MD5

5d44d6680dba4cea195c667ca5a9f903
SHA1

2b0fe61d633c402cc122b87efcb8d50b7fe233a7
SHA256

5745dda9ae29f5eaaf3c09cbc70420cd752068ab2c1933616a09c4bddb7c0a74
SHA512

a9cd5295d591af24b252a939ab9350b79da8fc7e571afadfe5166f8e29e5e76e57478dbeb3e1524451a2ad3e1640bb8173e1bd10cf411b868ad7310639b0a123
SSDEEP

12288:bn4q8ZkNhTTywJ5FOi0eDuUlWyPrgOnFVi8o+rc:bRTff00cOn/LoUc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5d44d6680dba4cea195c667ca5a9f903_JaffaCakes118

Files

5d44d6680dba4cea195c667ca5a9f903_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

setup.pdb

Sections

.text
Size: 291KB - Virtual size: 290KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 404KB - Virtual size: 404KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.spm
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE