fd32a79566f234259049eecdd9735510_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fd32a79566f234259049eecdd9735510_JaffaCakes118
Size

528KB
MD5

fd32a79566f234259049eecdd9735510
SHA1

0a8bbbbe346e9004151119e98d9420e8328d6a57
SHA256

7e95aff1fde84d699f75fcac18c074a50a9455369a7ebb68853e81590d1f0275
SHA512

d15bacfacdf7f0fe78e86a113f226238af897be09eb7fac76bd697b8efb45b38a38a6fe6b3b84d962eb1fa5191eae631c22e596d0f03fa54dda6e4700e03044f
SSDEEP

6144:qRuahsiaMuSCSSBERMWK0rR9cvdqn/Na1+GRc1Jb74GSgTRwPhnl:khdaMTDSB3CSvdd+UuiT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd32a79566f234259049eecdd9735510_JaffaCakes118

Files

fd32a79566f234259049eecdd9735510_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.MPRESS1
Size: 508KB - Virtual size: 508KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE