f6b63376b79682b34cfdaa2fb24b03fd_JaffaCakes118 | Triage

Sharing

General

Target

f6b63376b79682b34cfdaa2fb24b03fd_JaffaCakes118
Size

3.0MB
MD5

f6b63376b79682b34cfdaa2fb24b03fd
SHA1

ddb0cb899573fa456a4ed7379b6ff927ea30b78e
SHA256

2d9455ccec4cdbba6e7cd26a405c74227e7c03fdfa017d3217c443d7ada0d011
SHA512

048082ffd04fadbe679c32e8813f39a5414302c7acd9c88b6c74422c850f1987d6d657f451dd0afcfc650669855585757dd1436a4d231f97b646cf22e378adfd
SSDEEP

98304:07/rhlGcjcTRsVIoGavZFYE1wM+M6d0MkIM7:8acjcNsVXTkE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
f6b63376b79682b34cfdaa2fb24b03fd_JaffaCakes118

Files

f6b63376b79682b34cfdaa2fb24b03fd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 380KB - Virtual size: 976KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 441KB - Virtual size: 605KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

gqwlzxjt
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

vuwyfeso
Size: 1024B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE