ddc8ad9901564fc337d19501100aa29e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ddc8ad9901564fc337d19501100aa29e_JaffaCakes118
Size

223KB
MD5

ddc8ad9901564fc337d19501100aa29e
SHA1

2c79509d2192ce32927c69a5a65d8e1d99d67c7b
SHA256

50f792c0e1d0a467c011409ee7a105b7661778f2af1163a2801dda79f0210343
SHA512

8712249112b763e3c8584779047f2c8e852d4c9d75b982858630863d1a87670d75b96fa81b9d89a57d94db096d2d182a9484ec76e480dee99bc4eb55861bfd4b
SSDEEP

6144:0AcveQosFXOyK5xtJ1DPpIB9s1yiOOnTm99iQR:VdQosEt5x317aBC1yixm9AQR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ddc8ad9901564fc337d19501100aa29e_JaffaCakes118

Files

ddc8ad9901564fc337d19501100aa29e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ