d0ffaa979318af818b42e34ddec8dee6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d0ffaa979318af818b42e34ddec8dee6_JaffaCakes118
Size

1.7MB
MD5

d0ffaa979318af818b42e34ddec8dee6
SHA1

989f0ecdde9c54cfd3672fd9a9a96e52b09afe04
SHA256

1e0c836d155622df483eb46c6498f4cddf8bef4ca7d44853b49e5f8e1f5b5fb8
SHA512

fdefe9aae044c4c7927ff5ee6b9216b74c24324a21e59a44e959cb41c976f56e16771da6a25515bea94b233c6d05d341c55e7d08469e08073cba053ee548c7a8
SSDEEP

49152:dNarN4LLCyHW9q5N4LUVNi3lWHm3gLxArsFwAWm:dNarySyGA4LUm3r3g9XF8m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d0ffaa979318af818b42e34ddec8dee6_JaffaCakes118

Files

d0ffaa979318af818b42e34ddec8dee6_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5e2c7d7d2ee1b7ecd7154389c58e0a4f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32 winmm

SetErrorMode 3%

Sections

.text
Size: 940KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 784KB - Virtual size: 784KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ