11f797650207be5df8a3efb0c2c9c331_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

11f797650207be5df8a3efb0c2c9c331_JaffaCakes118
Size

365KB
MD5

11f797650207be5df8a3efb0c2c9c331
SHA1

0ec0cdb3d2d60ad6caa47a85f5695870d06a2db9
SHA256

b652f35c2c31de4ed3e779047a47b2f9159fc448a7393bf9af3379320d2b3110
SHA512

b60b1c5a78579650c0fbf119abd247cd5e4e050765d9462baab099cf638eb652ae027dcc26cded3b5eb24ad4406be72da04e1a72e60dc2d22906ef4628b3424a
SSDEEP

6144:M3xLpa1dpL6hPB+NVHSb0m/CV+g/FFQ1qYWD/kJZJ0lD8EaUbwE:Yta1kB+0QVb98J7kD85UB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11f797650207be5df8a3efb0c2c9c331_JaffaCakes118

Files

11f797650207be5df8a3efb0c2c9c331_JaffaCakes118
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\bt\47189\target\retail\i386\BBSvc.pdb

Sections

.text
Size: 141KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.wtq
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE