dd434d4106b57dec6dd48e5d20df8b69_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dd434d4106b57dec6dd48e5d20df8b69_JaffaCakes118
Size

571KB
MD5

dd434d4106b57dec6dd48e5d20df8b69
SHA1

e56997d5f8ec0d0065b3656b5e0a11537f39937b
SHA256

1ca57e800b8744a32020118985714cb70f1d000e42c4e456eb868a2f2215c54f
SHA512

42dfbb74bf2b8fa25906b71b78bd086f1288b36bbef7ec42ec63375ef48bbf96e1888f686bd039d5fb83f839fdd7fc73376d951499e6b32429edcec053db63e8
SSDEEP

12288:QnRFtj2zJfUbLXEftfLtA8RKO1WHVaTYe70sKPht:2RFtj2dfU3XEFrR41+Ye4sm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dd434d4106b57dec6dd48e5d20df8b69_JaffaCakes118

Files

dd434d4106b57dec6dd48e5d20df8b69_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 340KB - Virtual size: 339KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 93KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wlbvx
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 80KB - Virtual size: 80KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE