727b5ba7f7f95e88e6954707bbb2e6ab_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

727b5ba7f7f95e88e6954707bbb2e6ab_JaffaCakes118
Size

512KB
MD5

727b5ba7f7f95e88e6954707bbb2e6ab
SHA1

b5bd2e3b0506f25efa63e96485bb8f2151835481
SHA256

4f5a1079acda96d04f22d24da8541a7c2b1bf7c637e084f21cb263e4d6fc44ab
SHA512

f73fd366160af4057835b8d34727b64279327342b6ef920ae09d78da968e7bd085014752b16513369320d6f110d8c4211245a9d792cb8181b16271b562536950
SSDEEP

12288:KnIO39YAeNLFjAYarEdrEb5P6VxYXwsa7pRMK2/u2:KIsJeNhaodobEbE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
727b5ba7f7f95e88e6954707bbb2e6ab_JaffaCakes118

Files

727b5ba7f7f95e88e6954707bbb2e6ab_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

t:\word\x86\ship\0\winword.pdb

Exports

Exports

DllGetLCID
wdCommandDispatch
wdGetApplicationObject

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 900B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 325KB - Virtual size: 325KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 372B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.ifc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE