17ee5524755f3a457a6a23a21f00af11_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

17ee5524755f3a457a6a23a21f00af11_JaffaCakes118
Size

444KB
MD5

17ee5524755f3a457a6a23a21f00af11
SHA1

071c7cfef1760b8b908d99d11a514fd267f8322a
SHA256

7e6b25d0403fe87ecaed751e4fdda0ed9dd41776c252f770b4cb4bb8502876c1
SHA512

f29a6ce94d6f310efc9b5040bc82913bc145030550a26542bfb2c43dd10866bd6993c886303f7a607d7ab068749003165c9448119d9e3d9373d3b297ae2071e7
SSDEEP

6144:yfrQN8kCqYuabJGCZrxvdHLG/vIRnIsMrXbvs/K4v:yxHdGsrxvRLmQRMTsS4v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17ee5524755f3a457a6a23a21f00af11_JaffaCakes118

Files

17ee5524755f3a457a6a23a21f00af11_JaffaCakes118
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

wlsetup.pdb

Sections

.text
Size: 721KB - Virtual size: 720KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33.9MB - Virtual size: 33.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ