ef48d1097c3c9490654df5923a342a1a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ef48d1097c3c9490654df5923a342a1a_JaffaCakes118
Size

75KB
MD5

ef48d1097c3c9490654df5923a342a1a
SHA1

f00575ded2491a003b6d60be89e4c5b6ae8e5ee4
SHA256

40e79301927178bd3dc83af75a7da0220a0ebae2ea5addfdcb20ef3e9e09e360
SHA512

e88c5a9c8a5fd5143cd41c8e6f5c24f30b7bb8f307d7eca20afb4c7e83fdc11990867411efe903ab4bd0c0db0f66f2bdfed852db63eeea4b87a0d9f169819f66
SSDEEP

1536:j9Kos1Aepzxt9878JBy0elqxz67Dks5OizmF2Nmd2GaxW4iWM2ZnS:JKoAF8oJFWqxz6nktiwBMzMX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ef48d1097c3c9490654df5923a342a1a_JaffaCakes118

Files

ef48d1097c3c9490654df5923a342a1a_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

Size: 200KB - Virtual size: 580KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 736KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

vbzgrrjs
Size: 560KB - Virtual size: 560KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tmpkblhd
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tmpkblhd
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE