fb24afe796877f408b8e2bbda4808ec3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fb24afe796877f408b8e2bbda4808ec3_JaffaCakes118
Size

97KB
MD5

fb24afe796877f408b8e2bbda4808ec3
SHA1

d8575e9b2655663ce93a45879d5eaf59b01e19ff
SHA256

e24a0f541c011697cdebeb3f1f39aa1d16658817a5168e793d646db0815c155a
SHA512

ac2c3eac80cde6896b0e09c7ddc7fab4e07c88d0e91c2594b98c3527c7e4bb16875555a7560687cd7a66c604d5e01c7fd42b1362bbaad67d25c242f354248c08
SSDEEP

1536:wRfUalJDWDdJzBWJJZirVeBe1zVkQc4F8zfbCEGdAYimMuET7Es6eus+A:EfPlJDM5QJvSVQz2zd16LT7Es/uvA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb24afe796877f408b8e2bbda4808ec3_JaffaCakes118

Files

fb24afe796877f408b8e2bbda4808ec3_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.txt
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.txt2
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 38KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ