d13b1594bf3131439960679847deafd5_JaffaCakes118 | Triage

Sharing

General

Target

d13b1594bf3131439960679847deafd5_JaffaCakes118
Size

695KB
MD5

d13b1594bf3131439960679847deafd5
SHA1

ade9dfd09c222d4c44c7a1580a2e6fa8ff7f4752
SHA256

fbdf8d3c34804ee8b85c721e9ab297d7a4f83a7c24c16d602820d40b6f7896e3
SHA512

00541f6ff42ea82edad8da937ce58b169556fdbf3c0dce23fff8902ab0aaca8654106f9b22f3ee9af0884aeb90f249cc82650f546382c2f2e966869622832f63
SSDEEP

12288:vYQzgc7nLXYQzgc7sjjkArEN249AyE/rbaMct4bO2/VMvfUwe7ctr:vfgc7nLXfgc7soFE//Tct4bOsCfk7cN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d13b1594bf3131439960679847deafd5_JaffaCakes118

Files

d13b1594bf3131439960679847deafd5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.MPRESS1
Size: - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: - Virtual size: 953B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.
Size: 9KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE