63c68b418d39b9e64e243f4ff9edb4f8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

63c68b418d39b9e64e243f4ff9edb4f8_JaffaCakes118
Size

399KB
MD5

63c68b418d39b9e64e243f4ff9edb4f8
SHA1

f8f2e035d3f5301c677d7905e820f9f3f2a1175f
SHA256

0173f1d6b2c003c0aae877a024afec6d1943ad18698191456838663c95e30c88
SHA512

2917fa54e6571c90eeac04d140b9d9b1c848e8ab3458d583d089d9e348861f6089172f43c897530465d68bf720b32d891ebb46e13c18466c6c9072a256f7279b
SSDEEP

12288:5C4gNobaYoN2eS0Byblsde3/nnTKLxM6vA:5HyobaYoN2eS0ByTnOLxhA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
63c68b418d39b9e64e243f4ff9edb4f8_JaffaCakes118

Files

63c68b418d39b9e64e243f4ff9edb4f8_JaffaCakes118
.exe .vbs windows:5 windows x86 arch:x86 polyglot

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

spuninst.pdb

Sections

.text
Size: 169KB - Virtual size: 169KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 398KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.oli
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE