d504cddb9f4b943417ae1742d9724536_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d504cddb9f4b943417ae1742d9724536_JaffaCakes118
Size

2.6MB
MD5

d504cddb9f4b943417ae1742d9724536
SHA1

3e76a1477ef95cc512416d32ad7c1182f90aa43f
SHA256

c0ce22fb1ad63003e4a4298f70caa934a52e1f64f507f0bc5e9602a4164767db
SHA512

fdce1e15470529648dd99f1cf1d3938bf290288a0b18a9cdf10e9d866c14011bb907890bce0d8ad0c9a823ca68571c2080b8ac7d5afeebefeeb97db2308dff56
SSDEEP

49152:VMjlJ7WZ/AEQ3RXufXChSGNE95idoh8yxbw9sVjk:VSJ7a/PQ3RWCdahR2s2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d504cddb9f4b943417ae1742d9724536_JaffaCakes118

Files

d504cddb9f4b943417ae1742d9724536_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.nsp0
Size: - Virtual size: 5.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp1
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp2
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE