ef70c5791d050cc898319acbb044e847_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ef70c5791d050cc898319acbb044e847_JaffaCakes118
Size

91KB
MD5

ef70c5791d050cc898319acbb044e847
SHA1

00bf7c090e8311400bec27ec8d4dd3b1015b745e
SHA256

4d4decc29044ab0da3ab91390a30ee1129b914ad03046abea59c7c0e81eeced7
SHA512

e5e1f9aecee638fa2c3c9e7d385627a2f951d8e58efd895a88ee36f190d866bfbcc4d6d09ff046db66286d754cdc0f36fc231b97ff424acf875eb91746cb5dbb
SSDEEP

1536:xZkvYUREyP/4wfGzpAHOmY3YPaHJWfz6bakWFEEx3ToRlnuh+vfIi:TkzOW/49zphHpxbaxFErJgi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ef70c5791d050cc898319acbb044e847_JaffaCakes118

Files

ef70c5791d050cc898319acbb044e847_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

qpsg00
Size: - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

qpsg01
Size: 90KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

qpsg02
Size: 56B - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE