8e1c224fbd38d1f176552c852863d943_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8e1c224fbd38d1f176552c852863d943_JaffaCakes118
Size

121KB
MD5

8e1c224fbd38d1f176552c852863d943
SHA1

44e43927ad406cb5d09ce2463ff1f24cb1a08da7
SHA256

174898514b2868829a12aa5f1afe8b7847a444845a3c7f45636abdd5d8bc6275
SHA512

6e059e20d823203bfaa44edc9f3b3324516b52a0d562411b154eafde85a2e24d3d70c8b11f1437393fb55fe3236ba619c6599405aa9ffa6fb1a382f2e26c1a2b
SSDEEP

3072:swt5j8OY/ZYCKXgX3GB26GRGFjBtfZQ3q8HxC/puwVrT:swt5jroKQnEBGSFtfZZ8RC/7VrT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e1c224fbd38d1f176552c852863d943_JaffaCakes118

Files

8e1c224fbd38d1f176552c852863d943_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

Size: 308KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 976KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ohxsanik
Size: 660KB - Virtual size: 660KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

guhfyghy
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

guhfyghy
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE