d563d20fb4639f2d3d9c06c4dcb75ca3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d563d20fb4639f2d3d9c06c4dcb75ca3_JaffaCakes118
Size

127KB
MD5

d563d20fb4639f2d3d9c06c4dcb75ca3
SHA1

2b1ff0f9908649ef52967eeb81cb938e05264b46
SHA256

1a58ae522ef3bfbf04613d82d15023b47ba399533df08c9180c1c2b338ec033f
SHA512

579ba80b8377a4940411fbda6ef4715d7b67f85e8daacc53a9d4d266683cffe97659adbf7b08b9292be31ae21231cbf560f68b772171c0e46b1266387dd2882e
SSDEEP

3072:IdB4ZxB+auzC0KWxaVY4nC0S27RREqpEE1L2cAf6lfyYOiwLAq:64nsFK8IYyCJ0/vZl2ipNgLb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d563d20fb4639f2d3d9c06c4dcb75ca3_JaffaCakes118

Files

d563d20fb4639f2d3d9c06c4dcb75ca3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

DATA
Size: 38KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 34KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 29KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ