25f7a060beeec7a5b952788465db3e8c_JaffaCakes118 | Triage

Sharing

General

Target

25f7a060beeec7a5b952788465db3e8c_JaffaCakes118
Size

1.6MB
MD5

25f7a060beeec7a5b952788465db3e8c
SHA1

616cb6087c9c11107a82d1cdd6d403c3c9cffd18
SHA256

08e2899d799d4b103ce73143d8d0cac5803d5a9bd8d75d35624de0a5278df15d
SHA512

af9d8834e181cd14a44f4a109d9036fa6d70953e0c987a478634c632783d1b63888116c846d3d25f9b087e7ea45a4ee3ecd5d69686a55bd630c85b3c00379301
SSDEEP

49152:0wmG94hUbREXnDKK7XxIx9P0FUhA6lpUKw:XFYUbeXnGK7X0TZw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

25f7a060beeec7a5b952788465db3e8c_JaffaCakes118

Files

25f7a060beeec7a5b952788465db3e8c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 106KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

lucus
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE