d71b7122e97552d1750b479bff1866f1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d71b7122e97552d1750b479bff1866f1_JaffaCakes118
Size

317KB
MD5

d71b7122e97552d1750b479bff1866f1
SHA1

bf772c1792525e016762b25aac3a83f2ace2a8ea
SHA256

6c9d036b434869d6c997ed5888d8ba8cb81923e54354d5d17509ac2b55271d6e
SHA512

2a3e1ea38198e3c4af7c43c500ae1471047057d4fedda9d4a1604ec043539e8b6d4ce04dc5eb733f003f69f31adaf9040948df16dcf675c8e77199bdc3402f0e
SSDEEP

6144:u+u1ORTiOlDGVrG+0trHrAgC2nPVkWTxzyMH9MZX04TGNCSKEZk3AJL6vnv:Pu1OReOiGlMgRPtye4TGNCd9AM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d71b7122e97552d1750b479bff1866f1_JaffaCakes118

Files

d71b7122e97552d1750b479bff1866f1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.nsp0
Size: - Virtual size: 888KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp1
Size: 311KB - Virtual size: 312KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp2
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE