df99a1b365d6c91087dfc850e014b001_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

df99a1b365d6c91087dfc850e014b001_JaffaCakes118
Size

388KB
MD5

df99a1b365d6c91087dfc850e014b001
SHA1

16693ee1deddac6d9b418ea75b2fdf55b5597429
SHA256

b61125bd3d94a4b1ae54106e95e8e8104afb1ac73eae0ba8df69150ce4e59b65
SHA512

31e44be75592352df71fc2218f46bb6c31b9116099510154866f5e643bb93424742374f29e2c9c62b93b18606ad6e8e260b977ede6e977ebaca1fbab7631a1b2
SSDEEP

6144:3D/Xpq8z4K14huX+ENGBhRmXjx3zknjqpebNwsiNiim8vvfm:3D/s8V2uNKhCj+qpebNwsujmWXm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
df99a1b365d6c91087dfc850e014b001_JaffaCakes118

Files

df99a1b365d6c91087dfc850e014b001_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

logon.pdb

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 356B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 205KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.oli
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE