4181cc487f260112ffd5bbbbce801185_JaffaCakes118 | Triage

Sharing

General

Target

4181cc487f260112ffd5bbbbce801185_JaffaCakes118
Size

1.2MB
MD5

4181cc487f260112ffd5bbbbce801185
SHA1

0542366d56800658227222e0da215efcba205157
SHA256

d54f19ca39f541d397e07733dab8d984001fed97a5a94e98cee75fb3d4ef7f09
SHA512

2d6f1997d6821ee526724aa2ce15970d5391155274cd80f5e584f41097527663944405e42cbc4d9609cd8ebbd7c404fa21f7dbbddacd84a71eff20dfe984e8a3
SSDEEP

24576:KxoWFY7dY83P7ZGt/vplADM2AC9ZTQL8l48f5h/YcBL2rD/iK:KKW+yiFMZl6M2AC9qy48rYjH/d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4181cc487f260112ffd5bbbbce801185_JaffaCakes118

Files

4181cc487f260112ffd5bbbbce801185_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 12KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 166KB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE