067aa720930bd4a9d93e163ba52e87e8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

067aa720930bd4a9d93e163ba52e87e8_JaffaCakes118
Size

684KB
MD5

067aa720930bd4a9d93e163ba52e87e8
SHA1

d31366de8deb3923624024f45cc194994d24e46c
SHA256

fc3ae1515922deed28900e3adf17153320397dbb5f49a66ce7d98e16a00c610a
SHA512

616ece3248aac5b80333e10a171e68ded7f436d424f62fbce2f6707cfb8aab600ffc78e20ac249f476955dbf77da853297aac4a0a46bdd885538a068a4d638c3
SSDEEP

12288:zLOZqx77p77xmtBdVUD36zLqu1MrCKEffS+oPv4sXtQewuCIJpYgyB65pgd:zLOg77pXEBdVUzi16CDK+oPw6iuzp5Kd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
067aa720930bd4a9d93e163ba52e87e8_JaffaCakes118

Files

067aa720930bd4a9d93e163ba52e87e8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.idata
Size: 207KB - Virtual size: 233KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA
Size: 204KB - Virtual size: 249KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CRT
Size: 160KB - Virtual size: 193KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 30B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ