c8870e63fe8e9388d1009f3455617260_JaffaCakes118 | Triage

Sharing

General

Target

c8870e63fe8e9388d1009f3455617260_JaffaCakes118
Size

23.5MB
MD5

c8870e63fe8e9388d1009f3455617260
SHA1

b8ee40546fdec6026be2de04d0f5db3b2defbd89
SHA256

9843ba8eac8839d6f7b0c4bf02f5a4a296dc304fbab6fd620f2cb3b031d5f48e
SHA512

f0cee87feb910b3e9fb87c5dfbbd1bdf5527e774122789de4d95b46be650655d149200bc156dfe9f4d5590388c2027f810e80bceca7cadc0f8119ad887401bf1
SSDEEP

98304:NshxJCFKYFkkNwFDwuUfo/nK8wWc9+fSsoTjZQywvQ8SSS5YpoTTTb333Ca2aeC0:DFtFPruUfolcYVCYpi333CaBed

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c8870e63fe8e9388d1009f3455617260_JaffaCakes118

Files

c8870e63fe8e9388d1009f3455617260_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.text
Size: 987KB - Virtual size: 986KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 23KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 52B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 22.4MB - Virtual size: 22.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ