d5c592c723b384ac2d0bd987cda69c55_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d5c592c723b384ac2d0bd987cda69c55_JaffaCakes118
Size

1.6MB
MD5

d5c592c723b384ac2d0bd987cda69c55
SHA1

61f06e49849804832f05bcf1d314c01d2e2958b1
SHA256

3e5d42153183ae46af21e66060f0f6d6b422a78c9e3356bf2041962c3dd5ae2f
SHA512

a7d14b3237d9f30918a17d966d77d3ef110d1d7da71655c3573fe9475d89d7eb3cbc1307baa341efd2838e56fe4caded83232a6ba7c79fff8384cdeee3b41897
SSDEEP

12288:B8Wl5jF9oYG7OlCmS0ovDosMGR4XbAOeeeZeeeeEhMEr6CX4zist9:B8El7G7OlCmSZksDmLAuaE6tiE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d5c592c723b384ac2d0bd987cda69c55_JaffaCakes118

Files

d5c592c723b384ac2d0bd987cda69c55_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 390KB - Virtual size: 390KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text1
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ