ded685916f4a806f6c4a233fa71e6da0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ded685916f4a806f6c4a233fa71e6da0_JaffaCakes118
Size

37KB
MD5

ded685916f4a806f6c4a233fa71e6da0
SHA1

b5b4202657f0eff883e822af79fedeb765fbb027
SHA256

f7d58ade503738a85c733ea97fdc35edecdb942e5783862eb356b59357c3cea6
SHA512

ca54eb9926500f52ed26c3f9b7c512018ecc2c8d34f153f3addee5847bb417d1d35f0356a23bbf830377f70ca92c5abf5b5bd64f6d5bb87bd3f3823c0f3117ed
SSDEEP

768:pqOh5CEbsupvrY7sxAoD5JyoCa0GXXmTOeYqU8NLFNAYoZ+DyB:BpBpTGsxAoD5Jyo3aOeYqJLFNBoIDW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ded685916f4a806f6c4a233fa71e6da0_JaffaCakes118

Files

ded685916f4a806f6c4a233fa71e6da0_JaffaCakes118
.sys windows:6 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 161KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 155KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bmm0
Size: 552KB - Virtual size: 552KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bmm1
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ