f1ca9e7aa00e6ea4f8edda8aef2128dc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f1ca9e7aa00e6ea4f8edda8aef2128dc_JaffaCakes118
Size

584KB
MD5

f1ca9e7aa00e6ea4f8edda8aef2128dc
SHA1

1320bedaba8db1db773c8c7414bdd72d7a23eaa0
SHA256

0f59236d1f24ee13c5ce6f14caa77263e67f64054ae18da657bc9ea8f7e7899a
SHA512

a38642d396c0065d90a5ce2d582bab3911bf25833c0cb3475fb90a141cd987a336902880309bceeca6b5b8871f52b574bd0e4111c8a8b0d427b072082ea212a2
SSDEEP

12288:wslx1He7/22suBGUsOnW4hK7/2RYT/y/lzaqSIjWOobQJKGe:L2O2HCOnW8KFzk7tebh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f1ca9e7aa00e6ea4f8edda8aef2128dc_JaffaCakes118

Files

f1ca9e7aa00e6ea4f8edda8aef2128dc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 632KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wauaxuls
Size: 468KB - Virtual size: 468KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

kydkokqm
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE