95189a2128dc435e5cee452cf8afa762_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

95189a2128dc435e5cee452cf8afa762_JaffaCakes118
Size

636KB
MD5

95189a2128dc435e5cee452cf8afa762
SHA1

8dce7145be734f3f082549e82904fde9cd93da09
SHA256

5878492a7e9207cf0fdacce9cf057f008830fbca659c054fe6e601f8d52155b0
SHA512

e0043011131a205721102cbf674a6b7d59d46553e3d44d4009f9b1fe4020e95e8225143d3ad160469bd5c80c1042c3fce70866a6fa7a8e6f986fe386f4055905
SSDEEP

12288:ikeaTnuDSFr+ofPADs1jHgGi6aj42T12x1LF3Z4mxxLUSNBHRPIxr:hpTuDS9+ofPKQAX63812x1LQmXLrH+F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
95189a2128dc435e5cee452cf8afa762_JaffaCakes118

Files

95189a2128dc435e5cee452cf8afa762_JaffaCakes118
.exe .ps1 windows:5 windows x86 arch:x86 polyglot

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: - Virtual size: 332KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 320KB - Virtual size: 328KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 314KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE