aa229a7adc2f2dc7979528a0863935bd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aa229a7adc2f2dc7979528a0863935bd_JaffaCakes118
Size

331KB
MD5

aa229a7adc2f2dc7979528a0863935bd
SHA1

80b902bb45c6640be29c6d76667ca7092d3ffaeb
SHA256

9a87f1e628cafb4cbef96790d6f4a80171cab5340a37508f9344144c50b13fbc
SHA512

24702a2766002487bd8b5886a9af17fb64f8275bc154ecfdca739ca8195fffa533f44ce3464b440a9dc80d364aba6aadf37a98c9d951b0ae06e29a91a8e1427e
SSDEEP

6144:r4o99Iri2LkQBhGsHv13K7DEzN4f5PIIjdasxj1a2UFAxEoVo04TQt4JthR764Fw:8o9/svP13yzfZdBj10qEbbQkTL6R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa229a7adc2f2dc7979528a0863935bd_JaffaCakes118

Files

aa229a7adc2f2dc7979528a0863935bd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.assrvae
Size: 315KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.kvaimmx
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xitkunh
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RPCrypt
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 511B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE