028ec7b2d82cd979f5eafa9c4802c1d6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

028ec7b2d82cd979f5eafa9c4802c1d6_JaffaCakes118
Size

34KB
MD5

028ec7b2d82cd979f5eafa9c4802c1d6
SHA1

a323362305e55d62a738726f49cc51d637d97791
SHA256

7a1e4eb543173ec70c578f623a3fea4b95dfa7d82be8d56b2ebc3de9e9d8b350
SHA512

2c52cff2e9e0d00f0ab818fac27feea2c8b24cbe15a49654eebc8b184f9c67a4dae87b86479a17fc2033a5d738642935c21248968cb0a77d8f797f85bd27c06b
SSDEEP

768:NtzF+qjEvSXmqXiDkzgH7jTg3g9HdOLQngmlRAw9P:NtcqjEAmGi1TgwRduQAwh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
028ec7b2d82cd979f5eafa9c4802c1d6_JaffaCakes118

Files

028ec7b2d82cd979f5eafa9c4802c1d6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.ikcrvdl
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.kbxzmpl
Size: 512B - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.gnqshst
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.RPCrypt
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.nah
Size: 1024B - Virtual size: 899B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

n-coded
Size: 907B - Virtual size: 907B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.n-coder
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

l��-*q5
Size: 854.6MB - Virtual size: 2768.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ