6a972f479ba7a0596ecd168e5501d2c1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6a972f479ba7a0596ecd168e5501d2c1_JaffaCakes118
Size

1.6MB
MD5

6a972f479ba7a0596ecd168e5501d2c1
SHA1

f9f674fcc685deb88b4ac6ae0dc780b1b42c2712
SHA256

a7695898c4cc6821cd08aa4bc1889b100fab2591391a1cdfd31934032e2e7200
SHA512

cea969071e82c039fac481e0779fc631d0273b54d73969dd3c8d714eb1bb934fca199023d98f751765a68ad28f6915f14956a3ecc48250d75a90bd144b39f24b
SSDEEP

49152:CzXXIbBgSKNByko2HM1WHhi/FcsRx34hVbIMxmvZ:MXXEltcVcF/RWd9xqZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6a972f479ba7a0596ecd168e5501d2c1_JaffaCakes118

Files

6a972f479ba7a0596ecd168e5501d2c1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 87KB - Virtual size: 4.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 691KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

WinLicen
Size: 844KB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE