463f020d8ba11295cadcad398e511d33_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

463f020d8ba11295cadcad398e511d33_JaffaCakes118
Size

1.1MB
MD5

463f020d8ba11295cadcad398e511d33
SHA1

9991e3b6d21fe8b8669f519b7b48c5b670838964
SHA256

6888062ef8e7cb4bdce85804c5eabfc0c6e92b3159db96d2d6d36b0c78edfc92
SHA512

4d5d3a3a0fbb7b89efa41984255bac9a5d72ad6e50438d63f52d6694e340ff183af6974fed9ee8334aac1c61008457754ab72295aa124658fcf1129a9739811a
SSDEEP

24576:An8cjIMLEQllzueuG6FpqJH2Sa2HjPTJ2V56xb4Vlt:AtTLEUBu5G4qJH/a2HjbJ276pg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
463f020d8ba11295cadcad398e511d33_JaffaCakes118

Files

463f020d8ba11295cadcad398e511d33_JaffaCakes118
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 353KB - Virtual size: 353KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 649KB - Virtual size: 648KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 512B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 612B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ