be195c8680a640311a1eb6d8c51b3cc5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

be195c8680a640311a1eb6d8c51b3cc5_JaffaCakes118
Size

39KB
MD5

be195c8680a640311a1eb6d8c51b3cc5
SHA1

ef2804869d7583e8b78e9856314ca4794d83247e
SHA256

d8468e0a9d64ed9f0a8ee6b088ff3987ab498c3ce69d3a967c546d6923d68e72
SHA512

b60b8d02e2012d6b28b308657c5f6454c214a7858a6361f09eff0972d81f4910ff2aca4f65a17a0a99966f732dca6673ca2ac1120f165f68a835e16dc13a6bb6
SSDEEP

768:GO17ebTpPtkrgxoVJUdA526aAEggZeXkuWsuliqSZT2SZcdStnOkTamjQyxkL5J1:b17gpFkmoVyA5BaAEg5kuWlli3TrioOV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
be195c8680a640311a1eb6d8c51b3cc5_JaffaCakes118

Files

be195c8680a640311a1eb6d8c51b3cc5_JaffaCakes118
.exe windows:34697 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

� �p��
Size: 29.0MB - Virtual size: 3976.4MB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

k��
Size: 18.4MB - Virtual size: 1632.3MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

] O�k�
Size: 841.6MB - Virtual size: 2211.9MB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�T=�JrX�
Size: 4017.0MB - Virtual size: 1540.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_WRITE

�H�-P�b%
Size: 2893.6MB - Virtual size: 1165.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE