JaffaCakes118_cfbc12724a70e40d2c8198e0b6b7a31b | Triage

Sharing

General

Target

JaffaCakes118_cfbc12724a70e40d2c8198e0b6b7a31b
Size

7.2MB
MD5

cfbc12724a70e40d2c8198e0b6b7a31b
SHA1

72eae54b673e5847d76edc7414754cd3a031d53f
SHA256

d6b0deb424fc3aa7bcb783f29c826fd5505878a95f24586eecb0d0f086d34dd3
SHA512

de4bf0c456e7563ffa6ac4b0915c78f4f00a921d941e8808465cd8863fab1fdd1be8f553ad61b32d0e0878a037e9e665bcb86c80f4d9bac78f9e1586724752bc
SSDEEP

49152:PccBdkUSY+5zvCHT6xX379ZO3LEHe3Rh4mkR1I2j0iU50AX79UA7DPrFB2S:UckDeEGh4mkHj5l079UA7vFB2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_cfbc12724a70e40d2c8198e0b6b7a31b

Files

JaffaCakes118_cfbc12724a70e40d2c8198e0b6b7a31b
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.MPRESS1
Size: 7.0MB - Virtual size: 7.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 200KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE