04603680c3739baa4bec34977e67dd2a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

04603680c3739baa4bec34977e67dd2a_JaffaCakes118
Size

153KB
MD5

04603680c3739baa4bec34977e67dd2a
SHA1

c037dfffa42f69832ec2138f65423b6cc2027486
SHA256

86883e9c0ac76b454205672a262fc78a9e1d812146c597dc257ba81d0baee4e3
SHA512

301474aa69615343b965df0c5df98e2b80a3fd43641b525cb674218e4da211d343a3c2e47aa4a93d96603f5fa84785638bed294a14776b18e81ba409bb7dd3ec
SSDEEP

3072:/g+u0z8uUP7wTyxgxkt7D5urkQycGX/PkzacWHmzHvf+cJEd:/k04uUzwgg6zv5GTxJEd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ayo‮gpj.Scr

Files

04603680c3739baa4bec34977e67dd2a_JaffaCakes118
.rar
ayo‮gpj.Scr
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 112KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 148KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ