ba5e88dcb4ff1a8941a71d22f3c8d9b5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ba5e88dcb4ff1a8941a71d22f3c8d9b5_JaffaCakes118
Size

327KB
MD5

ba5e88dcb4ff1a8941a71d22f3c8d9b5
SHA1

b34d2995aca0a3bdc119a2a71c6adbdd5c370189
SHA256

710b22902158e8bc0932bc7dfc0e258c61a57716cba2138ca0361e73bd323150
SHA512

9c59929cf425431d5b01b3ae9f99d2b62be129a68571013a842ff8ad82415c66e849264e750962a9f1d85db608e6da6312c3ec88bf2c2a5089ae2f2641a1e948
SSDEEP

6144:fzTMq33F6/XjIuYvUgk0qo4dXE99GEpkZFFy1BBC8Ib1O:T3FKjIDCJXE99GEpWFwBgO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ba5e88dcb4ff1a8941a71d22f3c8d9b5_JaffaCakes118

Files

ba5e88dcb4ff1a8941a71d22f3c8d9b5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\becom\198\build\WinNT.5.0_i386_MSVC.7.1\release\bin\becomutil.pdb

Sections

.text
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qnk
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE