f6ae1a009e35bad72e86079b11923894_JaffaCakes118 | Triage

Sharing

General

Target

f6ae1a009e35bad72e86079b11923894_JaffaCakes118
Size

1.3MB
MD5

f6ae1a009e35bad72e86079b11923894
SHA1

e1fd71bfa708bcca503f8acdb026110eb7ead344
SHA256

23e304230770e91b8eabfb113e45468925abbaa4bf0d56d42f41ee309042e5f8
SHA512

91b1c6cc978a2729da08ac11f07b27017afa978e0d424c656b1656fda2d0f4f6f199f953e0c5cbdd2b114b5e474b935e2ee6e6457651f2d8df1a71aa16d27162
SSDEEP

24576:gaM4SnVqARgA6wwedEhFVYaMNjr5Xqv7VUxwooB8DJ4U2qZ0EtWA+Hvp/:+4SnVjRTiG4FVYBNjt6zVUBoiDJXHZ0H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f6ae1a009e35bad72e86079b11923894_JaffaCakes118

Files

f6ae1a009e35bad72e86079b11923894_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

wI8lz
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

nLV
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

A5P
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

yOen
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

9SoZ
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE