ba5648639afbd8699cd27c05eefdbbbc_JaffaCakes118 | Triage

Sharing

General

Target

ba5648639afbd8699cd27c05eefdbbbc_JaffaCakes118
Size

201KB
MD5

ba5648639afbd8699cd27c05eefdbbbc
SHA1

5fb7e1ba7c9f395c8e5b009e1c3973568a02fe1e
SHA256

ce818ec8ca5ef18fbd67340fa4250007021d7d934bbdde9e2c24f34ee09c46b8
SHA512

e4541edb7ad3be5cffcc290295217546f22789b4799edc20100a57f007615d7ea6ae9d3c627ec8465371ebe28f22a02c87851a1f50fa4f96dfe6d9b1aa5f2c3c
SSDEEP

6144:KXtV2143KFZXcKhWOkbdDA6Adi6rpbGEBOcny3j6U:KD217nXcKhWiTimBTOc8j6U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ba5648639afbd8699cd27c05eefdbbbc_JaffaCakes118

Files

ba5648639afbd8699cd27c05eefdbbbc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

nulo
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

nulo
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 255B - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dnulo
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nnulo
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nulo
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ