fb34d2e9413b65a3e86a1e7ada17ed97_JaffaCakes118 | Triage

Sharing

General

Target

fb34d2e9413b65a3e86a1e7ada17ed97_JaffaCakes118
Size

222KB
MD5

fb34d2e9413b65a3e86a1e7ada17ed97
SHA1

d280c351b76446a34ee434349f6a9466e3b843d9
SHA256

347906aa4529ed774dda1bd1a336bbbb5e7cc5790de58330fac891baf08e4849
SHA512

ebd28ef9b310465f1c2a18e095af5e07b562dbc17391011cdbc39157ba4a34e663ef3eab23d5bae579b96573f5134a715447d9fed15fc5a06049eaae17391079
SSDEEP

6144:rDKg83S1kJjn3y31m1mMQM2gFi3vkI54dj:rDKgYJjniFSQlKlIuj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb34d2e9413b65a3e86a1e7ada17ed97_JaffaCakes118

Files

fb34d2e9413b65a3e86a1e7ada17ed97_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

EvCreate.pdb

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 21B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ifc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE