eb47c9403667c0fb6717aa5406d73f99_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

eb47c9403667c0fb6717aa5406d73f99_JaffaCakes118
Size

2.3MB
MD5

eb47c9403667c0fb6717aa5406d73f99
SHA1

ebe0bb3211a1b99243bafe4ec9f9322a43e45a90
SHA256

dad8ca36869b1a952922df6253223ff12ac0e7e820c681ce92ce13116c1792f7
SHA512

61801b3af4eb8eee3fc30b68ccaf0a042d6c91577b8f41e4a7168fc7d4d4d838822289c9ffe8422093a1a92585ee02ef0321f665416cd1d84ff69766f3def5b8
SSDEEP

49152:EDfOCABVlWuUw1Pcrcc9zpHspMFg62cXn/8KQRT6kT6CQNFE:0aWUJcrc6MI2c1QUk+CIFE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eb47c9403667c0fb6717aa5406d73f99_JaffaCakes118

Files

eb47c9403667c0fb6717aa5406d73f99_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4680e6d33ca6e844c9e60eabdd28887a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32 winmm

GetWindowThreadProcessId c-

Sections

.text
Size: 1.4MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 784KB - Virtual size: 784KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ