bc67b26d88dc688ce80f9c1bc46c8865_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bc67b26d88dc688ce80f9c1bc46c8865_JaffaCakes118
Size

201KB
MD5

bc67b26d88dc688ce80f9c1bc46c8865
SHA1

70f46c3b67dcad1214d553cdc26c8f4fd6c65a3d
SHA256

511e44fe4530c80ff26c90fb6bc5ff9bdae7fca0a547bc2a72baae36b9d2c266
SHA512

b0e36da0bdb59f423a80bcc54cac15a1eed5c4042d153e0d210891ae5ff52c4d740df47bd432128c5cef829b1f8db93bb6d748cf2ffd0fe78ca5d5a3126ca987
SSDEEP

3072:QP7l+yUzcUd1rJG035uY52qc3jh3W+tbhzU0Nq5Ha6tBS7IRns6DtDYWhdBaly:Q7B8Xx5uY5ZcTh3htKGq568kUhh5p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc67b26d88dc688ce80f9c1bc46c8865_JaffaCakes118

Files

bc67b26d88dc688ce80f9c1bc46c8865_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

mshta.pdb

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rol
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE