639c5176777eb4d0d8e4b2a15d1601d4_JaffaCakes118 | Triage

Sharing

General

Target

639c5176777eb4d0d8e4b2a15d1601d4_JaffaCakes118
Size

3.4MB
MD5

639c5176777eb4d0d8e4b2a15d1601d4
SHA1

54bb7638c3e1f2159644b86df0a3c22488c9ce38
SHA256

6b6cafa9c7bc66f4b11ba4f9254f099b0b6773f497b713cb45ee7072bd2cd717
SHA512

96f819a161d24332671cd3b49dc59a42c3000fe23c120cf44bedabedd85dd7956a424ab03fc72eb49a46fa7da3b26ffedf4935c38e62941acb5250e09dde70e6
SSDEEP

49152:zpkaSo/WYCIuxQLytxkOL0QRncMtMD6UJwINhtiAlZQOf/6k1l1:zn9GjASkDMtGNh9ZpZ1l1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
639c5176777eb4d0d8e4b2a15d1601d4_JaffaCakes118

Files

639c5176777eb4d0d8e4b2a15d1601d4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 696KB - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

WinLicen
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE