849960f1c84e58d3bbd7fb2be4388397_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

849960f1c84e58d3bbd7fb2be4388397_JaffaCakes118
Size

181KB
MD5

849960f1c84e58d3bbd7fb2be4388397
SHA1

8ac33c8c5f79a8df368f8555bf51618d66f1525f
SHA256

2de16e1cd084e37fc25f0fd42814ce7471c57aae06cce0a5123ada3d1cd39749
SHA512

424d8aebc1996c25dfae9f4e419cec2fad5d74cd935b0e2a103e4f1b171f5f094f70bc02f38464bbef411cb7534d84b6d9607c70c473c3f5653b585b9c6748b5
SSDEEP

3072:VKWGPMcX8s7Ab2PVwRM56s6+9xRMzEVzvmKw2Mv/eR+8D9HDdle7RIAZAL5:OMcMs7AbMWA6zS7MzEVjDMe59HDYRzZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
849960f1c84e58d3bbd7fb2be4388397_JaffaCakes118

Files

849960f1c84e58d3bbd7fb2be4388397_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.nsp0
Size: - Virtual size: 408KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp1
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp2
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp3
Size: 168KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp4
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE