a246bf3f425a0f9490f206070737ef95_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a246bf3f425a0f9490f206070737ef95_JaffaCakes118
Size

474KB
MD5

a246bf3f425a0f9490f206070737ef95
SHA1

647928d4369e0d137df84c5b4cbf4c7993bbac0f
SHA256

d17a823ba4a1f8b5f741f089406aabf3fbcc60179111582c8ae886cd17e8aaa2
SHA512

22c21fb23342506bdb34b6e37ae469fe36e02e845dd0f77df3900acb3bbf5a72d95c7934314bd5640785c71cb64876c39c263f8a42612029eee4c7f04088f631
SSDEEP

12288:dniv/4HQ4K5rBCVNxz6oy0nukvTYJo8LhrYEeXKO:hiYwX1WNV6oyKuVJpLuEe1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a246bf3f425a0f9490f206070737ef95_JaffaCakes118

Files

a246bf3f425a0f9490f206070737ef95_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.code
Size: 1KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 745.0MB

.info
Size: - Virtual size: 448KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.packed
Size: 471KB - Virtual size: 472KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 436B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE