a307548902e54df692b1dc4c9152de81_JaffaCakes118 | Triage

Sharing

General

Target

a307548902e54df692b1dc4c9152de81_JaffaCakes118
Size

688KB
MD5

a307548902e54df692b1dc4c9152de81
SHA1

d04df5d4f2d9353dfb0382fdff320a50ff309348
SHA256

e4cb319de0a1c7b40bf6b26a14bb2777b9e5ebdfc1dc1ac18a8ef8db8b0e35eb
SHA512

d4c4513e8ee02bd9f1dba3b2821f531b13e067323f46086e3a213cb040fda40398492941852055a428349e520a72cd081f058caf2d48a7d484e6f89671989e4e
SSDEEP

12288:jL4xNtmRRrGKfmvaU7CoSUNt/siFON0bV0gJhZF3Z4mxxLZ9+U+L6Yy02rB:Y3tmRqimCoJki8N0hznZQmX99+U+Xy9B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a307548902e54df692b1dc4c9152de81_JaffaCakes118

Files

a307548902e54df692b1dc4c9152de81_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 20KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 323KB - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 343KB - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE