facc885268ca467221cf86c7fd3c824f_JaffaCakes118 | Triage

Sharing

General

Target

facc885268ca467221cf86c7fd3c824f_JaffaCakes118
Size

1.1MB
MD5

facc885268ca467221cf86c7fd3c824f
SHA1

e758f8bb2f72608d4d07ab20b989307d9de3dcc1
SHA256

20985ab6a3237d8f4115c83752bcf67bbced9a0775b133b17f9c9b4ea671005c
SHA512

62bb381835fcf65de489d91364455810866a3024a76548c0fa0036cdbefcf5795b318fd30ab6dc6f35bf6118f253abbb2b2f45bb665c8ebd284765cd992c25f4
SSDEEP

24576:6GwsWy/7Cab83RI3i0Iw+76n9cmnYiMSCMKrUDp:6OnDKI3iXwSw9Bn4Sqip

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
facc885268ca467221cf86c7fd3c824f_JaffaCakes118

Files

facc885268ca467221cf86c7fd3c824f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 274KB - Virtual size: 616KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 960KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

utapblzf
Size: 789KB - Virtual size: 792KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

cjrdmpir
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE