d132fd9a79753a99bfa0c5721bff93a2_JaffaCakes118 | Triage

Sharing

General

Target

d132fd9a79753a99bfa0c5721bff93a2_JaffaCakes118
Size

998KB
MD5

d132fd9a79753a99bfa0c5721bff93a2
SHA1

cb8860df775eb5abe1d9da6aadeae47e0b28ecee
SHA256

2ce2e78ccc1e241965e06dcc7c8b3d1adcb2093bd4b20acbc690a6ac1bc7f99a
SHA512

8feb82138f1a1e56256b6cf0be14a83d0ae1208af589af9a2c9ea2abdfba67f30576570969143876518bebb60e2e0669a81cb5d5a64aa1fa6d78006952190d22
SSDEEP

24576:n/2zIgmLHgZpJEaHy9V7BdhqiZRBLkO5HVBZJ:/2UgmLHkJEaHy3n4iZRBLkWFJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d132fd9a79753a99bfa0c5721bff93a2_JaffaCakes118

Files

d132fd9a79753a99bfa0c5721bff93a2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

t:\wringer\x86\ship\0\oice.pdb

Sections

.text
Size: 255KB - Virtual size: 254KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 197KB - Virtual size: 215KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 356KB - Virtual size: 355KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.tqn
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE