d13cb025bcbb75b52743c7f857017d4f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d13cb025bcbb75b52743c7f857017d4f_JaffaCakes118
Size

291KB
MD5

d13cb025bcbb75b52743c7f857017d4f
SHA1

08c2476f65cc065d43dce21939b119a3ff6bd083
SHA256

07c737d3d119238b6e8aaabe341acc99e25ed686c32d7c869ee444e6a350ec6c
SHA512

56eae91dad2f58a952055e8722e8ad4439ebf143744aa76bded5e6804f05b58baa8fddcb6c88aa983d7a7ed3d06b06833829f27e07f4046f241f0109157da0c3
SSDEEP

6144:xscoVNT8+d4yz7DP9VyETSC3xQ5OXV0+dXAJi:GcyxO+DVVyKhdljwi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d13cb025bcbb75b52743c7f857017d4f_JaffaCakes118

Files

d13cb025bcbb75b52743c7f857017d4f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.nsp0
Size: - Virtual size: 868KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp1
Size: 272KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp2
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 524B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

HaoTian
Size: 512B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mm520
Size: 1024B - Virtual size: 678B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.MaskPE
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.MaskPE
Size: 1024B - Virtual size: 935B

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.MaskPE
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ