c981a81f96b7204c8ca8d4cb63a68a86_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c981a81f96b7204c8ca8d4cb63a68a86_JaffaCakes118
Size

381KB
MD5

c981a81f96b7204c8ca8d4cb63a68a86
SHA1

7c54a0ec3fea1cb33844f719f50c794ab819f46d
SHA256

7c0aef025fccf38393bf98618b40f393d2bcbcd598b636d5e5619304bf2e9e4d
SHA512

f6834e22553c896c5c72bf0dde0e0f810549ca9ea6d9a4aeb22d3ef39ca5277a29d288f1a81ce7f9ca11df5f7ca21f1355e56e113b9a3b9d706aec6769fa881c
SSDEEP

6144:i/PJbR7VMdFuOg8hdXn+EAdoQF74TyGYD51ojde3qCAA9ptfPut/j52qmhNDdIBO:cH7bYn+EkpaM14M3qIbfPm5t4D0aj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c981a81f96b7204c8ca8d4cb63a68a86_JaffaCakes118

Files

c981a81f96b7204c8ca8d4cb63a68a86_JaffaCakes118
.exe .vbs windows:5 windows x86 arch:x86 polyglot

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 154KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 397KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.heb
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE