65bfd5696097db6ae2cc25acd6ac05b4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

65bfd5696097db6ae2cc25acd6ac05b4_JaffaCakes118
Size

430KB
MD5

65bfd5696097db6ae2cc25acd6ac05b4
SHA1

fb4d6188842b5075287a74b343380e35768be6f3
SHA256

8b6dfd7cb0ee91fe5382204783837472d43c41b5884acd1cef77a8c8016fbe46
SHA512

30d8e63ec7c956a808802f1f67d913651a43464a8df2bfe73fb4b49debd1989186558f07c45f8c25f99df11cd46f9edf3d05df9b603fbd23fdc3b7666ab550c2
SSDEEP

12288:a6IfX+pd167QhE0qX+pd167QhE0kbZWpNnzx:TIfE6EhWE6Eh7d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
65bfd5696097db6ae2cc25acd6ac05b4_JaffaCakes118

Files

65bfd5696097db6ae2cc25acd6ac05b4_JaffaCakes118
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

ieinstal.pdb

Sections

.text
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 194KB - Virtual size: 193KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.spm
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE