307b4db52d4b8526992f09f2029863a2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

307b4db52d4b8526992f09f2029863a2_JaffaCakes118
Size

197KB
MD5

307b4db52d4b8526992f09f2029863a2
SHA1

8287dd12efcfdfd35cd9f4898c5f69fcd7f35a29
SHA256

6d95c2dcd338daf1f39a4aad6c8d06c02503f74139df3cbaf133df68403e2711
SHA512

e0dee0a8d3240c865a08f2ea6261e842481c8226a154a53ba386e6346b7a105271e6930536cc3c074ec31f03a1fc5da660a60416ff223191041f2e322eaced8d
SSDEEP

3072:LTm0kZCghdhJxgmy4X+8wE/8y+MZsnw+HR7jb286aEij2lb5sTSBYqTjqWLY39i2:LpkZBvOXE/IHRnb2DU2lgWLPL9Cmugcx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
307b4db52d4b8526992f09f2029863a2_JaffaCakes118

Files

307b4db52d4b8526992f09f2029863a2_JaffaCakes118
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Mats_Run_Elevated.pdb

Sections

.text
Size: 215KB - Virtual size: 214KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ