ec1843d26dae03949d96dd616ad85649_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ec1843d26dae03949d96dd616ad85649_JaffaCakes118
Size

565KB
MD5

ec1843d26dae03949d96dd616ad85649
SHA1

2447f9caf0a11d854d60586def1cfd57297b1e4d
SHA256

3ab5d6c5b3a9b0960dff86e6261a69889ad01c6053d70324344ffbd48033698b
SHA512

4efe11ef6df87a5fa4ab49034ad9ed1edc5df336dd8dcd775add3be626d2950f4ed989f3201d2a7ead11ba7021e5db891162ef01623112d77c2bbd511b7d5ea4
SSDEEP

12288:PIBmx0qeK6H6DO6xzb/1S30fWiYtSjK3zVPW5b85QPHn:gUMK6H6bxP1PWiwSjK3zjKn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ec1843d26dae03949d96dd616ad85649_JaffaCakes118

Files

ec1843d26dae03949d96dd616ad85649_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 371KB - Virtual size: 371KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ