125ae6901e734e68a9eea3cbc947a1c9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

125ae6901e734e68a9eea3cbc947a1c9_JaffaCakes118
Size

784KB
MD5

125ae6901e734e68a9eea3cbc947a1c9
SHA1

5cee6171fc631f632ec6cf8f55b32e2d981276cb
SHA256

6d90405f26830d687e4296a1373d1ef398dea56235ac43fc2c72d689b1032603
SHA512

f4f99bb2bdd80215291c6c8eb0a12020e23ceb9d36705b669df8f8d0ec278faab7fc1acc3fb1c97aed6f2596d40f1bb1a0a90b2052a4dc9c8299b46f979f9a31
SSDEEP

12288:eebrUfYBm+BDq1GsgOWH0CXK353+OmC0hlR5FPnMFu0rf2izMJO6NxE+XR:J/nkkJOWH0C6pOOmCQ5NMFBrf2in6vXR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
125ae6901e734e68a9eea3cbc947a1c9_JaffaCakes118

Files

125ae6901e734e68a9eea3cbc947a1c9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 21KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 683KB - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.PEPack
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xpr01
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE