66f4c079341c2db4b1d14a7efbf00907_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

66f4c079341c2db4b1d14a7efbf00907_JaffaCakes118
Size

4.9MB
MD5

66f4c079341c2db4b1d14a7efbf00907
SHA1

f2882e34e00688c2224bc4b2b8877cebd641a3b4
SHA256

9c6b0b20c96b5af5c3ddd40df16a5d96d5f7b09164155260ac7d97201f131178
SHA512

534e31371d2d2ca42b4cf0935a5363a93916398ce1f6d9224931cf2271fc69be248db5849b2b9f75e5ad74dcd435fab8ab32dd902c6b1081b166d2ff488588c7
SSDEEP

98304:9hkcEWAVBSYaag+Na6sfRs8rSuodBfNCUYryEpSs7BjGPmuKpAu:9hk45a780dBfN7TE39DuKKu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
66f4c079341c2db4b1d14a7efbf00907_JaffaCakes118

NSIS installer 2 IoCs

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2

Files

66f4c079341c2db4b1d14a7efbf00907_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.heb
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE