00137935015dc68bf8c579c1d1261ca5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

00137935015dc68bf8c579c1d1261ca5_JaffaCakes118
Size

16.0MB
MD5

00137935015dc68bf8c579c1d1261ca5
SHA1

4dca8d010f8896e36cec507240f570f93bcf8ad4
SHA256

942d74e96f9b73f016fcd5dda63aadc45655063ff2a82dea47043ca22c736701
SHA512

4c1dc065733bc348c74195dd3a5227ffb9667c220cc715498b0516ab62bf9a86b972ff9460117b17cfb1e102f8f3f49f5c97a940f0c43845e02070bf3c0077c5
SSDEEP

3072:Uu7FCe43m+Jf/T4J4JykY5Je0a0lUbnASvGOO3K7l:fram+Jfb4jne01UnH6Kx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00137935015dc68bf8c579c1d1261ca5_JaffaCakes118

Files

00137935015dc68bf8c579c1d1261ca5_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.nvCode0
Size: - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nvCode1
Size: 83KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nvCode2
Size: 1024B - Virtual size: 988B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE