c27fc197edf35873995ec566f8c2da04_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c27fc197edf35873995ec566f8c2da04_JaffaCakes118
Size

658KB
MD5

c27fc197edf35873995ec566f8c2da04
SHA1

47c19be62740c221ff761d107e6895d32b285f7a
SHA256

0b5fe0a1fb3b453a30a623cc9db3e35340d7470239a1c53cd4b4e2a47ebf5ec8
SHA512

ddc01f74688a58c3a639a966a61baebeb021926ddd16fa57fb6b1b624a3b48440ef308f884b25d5b2c5d4ccb37cf75e4e7ffc5b9f744b7fb124c1495f6ef829d
SSDEEP

12288:OXhyeMazMJuMphB1UgX6I9cPSLK7Z+BpjvNcTKrgdX+8C:OXXGN1TX6AvkmRNE+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c27fc197edf35873995ec566f8c2da04_JaffaCakes118

Files

c27fc197edf35873995ec566f8c2da04_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 20KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

system
Size: 581KB - Virtual size: 584KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE