a73df6e8ddc8326d00b0944688f2178f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a73df6e8ddc8326d00b0944688f2178f_JaffaCakes118
Size

4.1MB
MD5

a73df6e8ddc8326d00b0944688f2178f
SHA1

9a40fac04fcde39edb74ca41c349b2ae6baad9bf
SHA256

08659415167ecb3c7e72a942e35a4681cab095c20e49de1aaeb9f16de7ffaa2a
SHA512

a08f4c9b4596c95daf79b08f4f4c36169a6400b3b451d6b3b993a2977e4e9d923668fe926c912591add96b1f266f5de30b9d591794b571a15006fcd163146a62
SSDEEP

98304:QPyWxabb4I1wZn45f0rbh2P1+Y5nHTE6PJrvHH6QCJ/wtoeV60:QaWIXb1wZWfwt2P1+0HTTPIJ/wFE0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a73df6e8ddc8326d00b0944688f2178f_JaffaCakes118

NSIS installer 2 IoCs

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2

Files

a73df6e8ddc8326d00b0944688f2178f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 52KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xur
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE