f6379e8511685e6a418cf41481f39271_JaffaCakes118 | Triage

Sharing

General

Target

f6379e8511685e6a418cf41481f39271_JaffaCakes118
Size

679KB
MD5

f6379e8511685e6a418cf41481f39271
SHA1

753b2298971f49eb3837381636c8932e380dd705
SHA256

672ecd7611eab0c43743689bf72bdaa6290993035c7111d73e85337ec74cbde0
SHA512

6fbd4c99b04ca470efcf379068807bb48f858b9f8f1f2aeecd9805e313b11914aa3c0aaf409bd02b22e3c759474517304fd13dae64badc62568a7d9af1c41a11
SSDEEP

12288:bhIs42W5S9THvzrtp5tJOg2+eUlJv3nmQeF3VJ05WkF3Z4mxxnDqVTVOCC:bhIv2W5Evzrn5jOgdlJvmrfYQmX2VTzC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f6379e8511685e6a418cf41481f39271_JaffaCakes118

Files

f6379e8511685e6a418cf41481f39271_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

Size: - Virtual size: 372KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 363KB - Virtual size: 372KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 314KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE