d2e8cd6157b9538efde9b8c6694ec88a_JaffaCakes118 | Triage

Sharing

General

Target

d2e8cd6157b9538efde9b8c6694ec88a_JaffaCakes118
Size

202KB
MD5

d2e8cd6157b9538efde9b8c6694ec88a
SHA1

3b49019cbf401d7fe254145e32763c733419d76a
SHA256

cc06e0a5d1d86e0d98cf322174129316d31ce23db6366c74a4254620db5dcfc1
SHA512

ea09145a229f2575250289dd8a2e7236fa8cb1b58b1c9df01d5544d11dc13ed8cb6b07450a01fa8958a9f8e158ae999f84b6708f4723be1ccec8222de31a4617
SSDEEP

3072:l8g+wF4VHsMj9jpAImcTkayS88V/i6JTa/9jPiJhq1hMalbiCEDNV7Z:egApAImSySBitQJhq1hMalbiCkZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d2e8cd6157b9538efde9b8c6694ec88a_JaffaCakes118

Files

d2e8cd6157b9538efde9b8c6694ec88a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8a2b0b2e61b897e69a1776a2aeaf2c12

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

vb40032

ord617
ord616
ord618
ord619
ord621
ord632
ord631
ord648
ord645
ord685
ord100
ord187
ord186
ord199
ord518
ord517
ord526
ord525
ord520
ord529
ord528
ord532
ord531
ord537
ord535
ord536
ord568
ord570
ord577
ord573
ord576
ord581
ord588
ord598
ord595
ord597
ord596
ord608
ord607
ord606
ord600
ord612
ord610

Sections

.text
Size: 189KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ