404e467c040375474f9fcc72fc0ecd39_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

404e467c040375474f9fcc72fc0ecd39_JaffaCakes118
Size

858KB
MD5

404e467c040375474f9fcc72fc0ecd39
SHA1

f15fedc3c194393c2e91c6383f643b52c5d139ae
SHA256

6904c868a2056b552edcdccd5a33878893f852c3cc79dbff699e06f26d672d06
SHA512

4d2f2de115108ae2b01c7c4fc4ff00a91467db5efc8d29f0f8bd30b0962ee8de3b2302cea1127e0d807efc14c0036a047dfc9e2e5037aea456020bc03c039ae6
SSDEEP

24576:wsRLXJo6iES1QGXpNXjcYGm3/BcX2LGeg4eW:wKcf1jpJdGm3/BcmqegRW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
404e467c040375474f9fcc72fc0ecd39_JaffaCakes118

Files

404e467c040375474f9fcc72fc0ecd39_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

CH
Size: 450KB - Virtual size: 450KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wf
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

QrM
Size: 2KB - Virtual size: 37.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RPwAEA
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0c4
Size: 291KB - Virtual size: 291KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE