641e7e9056e5ba0458b521f42246b9a6_JaffaCakes118 | Triage

Sharing

General

Target

641e7e9056e5ba0458b521f42246b9a6_JaffaCakes118
Size

24KB
MD5

641e7e9056e5ba0458b521f42246b9a6
SHA1

13a146ef9a721e5f1d849eee5b75e4403caa5f71
SHA256

6030f894301dd65dc9a31ea4cd3e5196c34dd944b1c06345fc3a5d7f6b19a095
SHA512

a5f8864b39ca6de5748843ea523dd7d12e3f9482a2118fc89dfb38ee604f036c6508630bc6d3d6e2cc0b7cd2aff1fc06e17bdb668b4e3df5a9dd81c6ff14c7b8
SSDEEP

384:H/BreuzdTyBsyqAIZ/CCodI9RlLyhHcVhkdc0bk9khwOxvIdl0wo1Uxai5Sd4Q8N:XWsyqA+C3YLyhHR4SxFwo8OeQHs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
641e7e9056e5ba0458b521f42246b9a6_JaffaCakes118

Files

641e7e9056e5ba0458b521f42246b9a6_JaffaCakes118
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

@__lockDebuggerData$qv
@__unlockDebuggerData$qv
__DebuggerHookData
__GetExceptDLLinfo

Sections

CODE
Size: 17KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.petite
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE