ed10850ad8d0971da324de2c30729742_JaffaCakes118 | Triage

Sharing

General

Target

ed10850ad8d0971da324de2c30729742_JaffaCakes118
Size

2.1MB
MD5

ed10850ad8d0971da324de2c30729742
SHA1

bb2f3935b780d1200554d9915da9e87d76edffbe
SHA256

ba91d49ac453d3eb14950819a8cd6ee72aa704a24f1e47d0f8e180a3dfc768e9
SHA512

197ce8f3282cfc640e702841d87f088e4a86a1c95f3bdb78f806eb86d1b72684ebfc1f53b98e8708e71c87b92c8f5b5f969bd84194a3260ea7f95980ef54a8dd
SSDEEP

49152:EiobiV082zrjoFFfQnU26RO0QaXIe7P7uCzrlOrtD57loZQu:ZVX2zraE1yIe+CzrlO557pu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
ed10850ad8d0971da324de2c30729742_JaffaCakes118

Files

ed10850ad8d0971da324de2c30729742_JaffaCakes118
.exe windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 528KB - Virtual size: 528KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 163KB - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

iqgfbynw
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

cqrxfbkb
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE