d9f5d2dc108547380a614b8dbdf6170e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d9f5d2dc108547380a614b8dbdf6170e_JaffaCakes118
Size

658KB
MD5

d9f5d2dc108547380a614b8dbdf6170e
SHA1

fcfb6b577d70a7d87d67551596da444e22c5c57a
SHA256

2fdc32e545bbccbba90d7534ce1dcfe160b604792a907626bd3bcb5dd274c9e3
SHA512

8c4ad28915d119dbf1414cbb86d9a041a328d56077fcfd8f0bfeb385919941f96948343637e00d8d501554b938a425e2923b52d655b92d76013d113927a14faa
SSDEEP

12288:Co1z3+XoRhod8otF9QRy/+cE6y5ozG6Ci65F+HiZEpSplQU0RVY3vWLXE2ez:C+LWzd8qFey/iqy6Ci4rZE07/yY3uL4z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d9f5d2dc108547380a614b8dbdf6170e_JaffaCakes118

Files

d9f5d2dc108547380a614b8dbdf6170e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.nsp0
Size: - Virtual size: 708KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp1
Size: 617KB - Virtual size: 621KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp2
Size: 40KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pep
Size: 22B - Virtual size: 22B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ