601cfa3adb5a3527886c78d30584c542_JaffaCakes118 | Triage

Sharing

General

Target

601cfa3adb5a3527886c78d30584c542_JaffaCakes118
Size

315KB
MD5

601cfa3adb5a3527886c78d30584c542
SHA1

15802675dc7f1095ce0ff15e5bd087899f8c46da
SHA256

85a0895b94983c1704316794843e56f205e3f292206448c5f563997f5b74178f
SHA512

a63d72459754916cb197cd74ae97f1393d231829ccca3210e2ca3152b85144616add8ac6b2b44411e23d4bb776d95bd74ed4da9f5585e06de5c05dac2868de33
SSDEEP

6144:Hq3gCsyoqWYHtSWYnI+tnYDcMbY4FmNzNwm+MhUatxO1BcC1cR:Hq3tz1NonI+1Kb5KzNVNKPcnR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
601cfa3adb5a3527886c78d30584c542_JaffaCakes118

Files

601cfa3adb5a3527886c78d30584c542_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 257KB - Virtual size: 257KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE