fb5f2a02a309cb54f61ffe1a9c390e11_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fb5f2a02a309cb54f61ffe1a9c390e11_JaffaCakes118
Size

1.6MB
MD5

fb5f2a02a309cb54f61ffe1a9c390e11
SHA1

39d4b06519850ad36fb398c4650659e7d3c7b72b
SHA256

f79a6395790fc5b211aca74bef7093586f66b493ef8eead2ef2d830786cb555d
SHA512

601256eb30b1f5e92dfef064209ced351f82d0cea3999ea2b6d7889c196f22a43da2b10e8e63ab87ed18639dcea6bce04663b4eff00dac40f21a3c4589eb8e28
SSDEEP

49152:g91E5cmAp3mccdUy/9di1lb1dx4SvgQSG1c:szmiciyzqZ3vXSWc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb5f2a02a309cb54f61ffe1a9c390e11_JaffaCakes118

Files

fb5f2a02a309cb54f61ffe1a9c390e11_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 912KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 880KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

njgnidsx
Size: 688KB - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tqsbdkep
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE