526e8c980f299a6d89d7504dc8104390_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

526e8c980f299a6d89d7504dc8104390_JaffaCakes118
Size

173KB
MD5

526e8c980f299a6d89d7504dc8104390
SHA1

fef75fec3e4ca7271afb31af08b6d6f5e0aef6ca
SHA256

0fe255a4a670af437b86bbd70b723abec14f6a27583dbb67a2fe18d136c77a5d
SHA512

0c21b14446c6a247212a2f75ffc314124462110b6ab8342cb3b90e12fbe3574eae95b19de9d94c0bc63a3b8c60c8f808605de53a23862004e4c1fb9c1043a692
SSDEEP

3072:6LI9NUvvWa4lyyCwRaH2qMxqZlf59zcYvwgQDZwaA1sdzwdvp:6LI9XCyCwRa/f/Z4pDk1s+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
526e8c980f299a6d89d7504dc8104390_JaffaCakes118

Files

526e8c980f299a6d89d7504dc8104390_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

LoadView

Sections

CODE
Size: 62KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 86KB - Virtual size: 448KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avp-md
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE