61e05b28c92bcfc112f69cb5964171e2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

61e05b28c92bcfc112f69cb5964171e2_JaffaCakes118
Size

539KB
MD5

61e05b28c92bcfc112f69cb5964171e2
SHA1

ff912a3a997e9d9617ef2a92c91619033d02ed88
SHA256

4c22f6945142a34236068e9d85a073b59c469fbd63b82253b0c7aed7e6c6479e
SHA512

01dfbebff985d008957b9ac267ec642b69d76b8e12038a30f707838b71c0f34cf3e9a5f5550c7f09ec19787e4e0460fe3f127222592af75f34f2fb3a9f4dfe8c
SSDEEP

12288:Y5xyegIqQ4cQNAKuXNOjREXWxz8CJOWcEV5XSMK4pffo:wbKclXX8jKXUJOUV5XSXuH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
61e05b28c92bcfc112f69cb5964171e2_JaffaCakes118

Files

61e05b28c92bcfc112f69cb5964171e2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 20KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 61KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

System
Size: 454KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE