a98c93cf564c6223e43759990c5df689_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a98c93cf564c6223e43759990c5df689_JaffaCakes118
Size

324KB
MD5

a98c93cf564c6223e43759990c5df689
SHA1

1fa3c3c8ea343181e6284cdc81e1a689ccbfb13a
SHA256

d8d21470cda52972bde30f3693c7c93985f8b9b021a7219506e26059d96fa49e
SHA512

2cd2c7a893ff39dd077f2d41b39b4a66fd3b3015ed0e6ba40792a01544690f87de2d9cf0d3deecce9138ebcbedd6d0ad41fe6ed35bb6f8f7d7fa82c4829b8086
SSDEEP

6144:KO98DahZDB2QsuqLmFCANEMLo+ZLB5J7pFN2Mjx9YBY+dRKgkfYIA8fhiNupi:KO98mbA9uqyFBXLoMjJVFN2MF9gkHhCN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a98c93cf564c6223e43759990c5df689_JaffaCakes118

Files

a98c93cf564c6223e43759990c5df689_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.ficken
Size: 184KB - Virtual size: 580KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ficken
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ficken
Size: 32KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ficken
Size: 68KB - Virtual size: 320KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ficken
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.icon
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.khe
Size: - Virtual size: 1B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE