d3dcf903f1a8f3af59b06e50bc085303_JaffaCakes118 | Triage

Sharing

General

Target

d3dcf903f1a8f3af59b06e50bc085303_JaffaCakes118
Size

128KB
MD5

d3dcf903f1a8f3af59b06e50bc085303
SHA1

d7dbc26dbf1b954a66f3fa4c5453a52b4337bf79
SHA256

1c7302d7abe9195d3dcc9cee8ae8b2a38fa04742d9d330436588f2bdf2d54493
SHA512

839762ff2bd1a40d390a6ac033763b13df01f99df2516de13f50828705dfc9eecdf230dd9297b7a5bc36f78b1753c75aa2f4b898f82a81536e3cd8dee9a86d40
SSDEEP

3072:8oPdBp0wBbrMbvT0q8O1cZPzQ7IXMBc+AMP+QfQEhxFyVU7xM0sacOnI3C:8EBZwvP6bQ7yMP+DE827xRtcgKC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d3dcf903f1a8f3af59b06e50bc085303_JaffaCakes118

Files

d3dcf903f1a8f3af59b06e50bc085303_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.XoR
Size: 105KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE