05a8322ba0443974598d6fc92899df43_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

05a8322ba0443974598d6fc92899df43_JaffaCakes118
Size

726KB
MD5

05a8322ba0443974598d6fc92899df43
SHA1

eab5e40513fec6882b2d038101a06a5f94a8139a
SHA256

79f4b5e3a8e24f839585dc4126cba880f29065351cf43f11a9f86607d0bcb5da
SHA512

da294387aed4fc215dd8556dc09cd9cc6b97c9eb3eda9025e8975a5694a75a7bfba02770eb8f582cee7e982c4a9ece79359c47405daa7d11aa7c4990a33ed1d1
SSDEEP

6144:GyPr5W4H/nkSBZwBlgz+qQm3hvZ9+iwCV7P98mR0tBRmwPqvCxf6M0FOazI8PEKe:blW6ag5Z5wc7P9801+qifGsjKdy3QDsD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05a8322ba0443974598d6fc92899df43_JaffaCakes118

Files

05a8322ba0443974598d6fc92899df43_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a68e54628256d1f772051db3928e6496

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind

Sections

��a
Size: 401KB - Virtual size: 401KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��ta
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��t
Size: 26KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��c
Size: 192KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

��ta
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��ta
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE