b8be805a5d7a62e23fd5833d828e4295_JaffaCakes118 | Triage

Sharing

General

Target

b8be805a5d7a62e23fd5833d828e4295_JaffaCakes118
Size

305KB
MD5

b8be805a5d7a62e23fd5833d828e4295
SHA1

f4bc2c132cc55d82a2dec75f69370a9d74f48982
SHA256

bda4928f58c548dd2c3093a71387c9be7c50916212ca6bee42557d1288e337e5
SHA512

2abba498816a8fb883d8b2fe9c54bdffd4025a80df7191d8366f59bec3f9685461b20a1779c7bab212e1edc19cdb2fcd2461f4433513548332e444abccc76849
SSDEEP

6144:/P4VjqokSF9mBiMwwAWP4dCZGQ+BjSIyuHBGzxIN2zN5zVEDIU69f:naASj+9P40W1BGlIqTVwu9f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b8be805a5d7a62e23fd5833d828e4295_JaffaCakes118

Files

b8be805a5d7a62e23fd5833d828e4295_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.nsp0
Size: - Virtual size: 364KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp1
Size: 300KB - Virtual size: 304KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp2
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 528B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ