fbb20874ff38e5a8d37c1645dbd7f3d3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fbb20874ff38e5a8d37c1645dbd7f3d3_JaffaCakes118
Size

4.6MB
MD5

fbb20874ff38e5a8d37c1645dbd7f3d3
SHA1

391845173f013b5f7d89b524acde10e3e8dc9c73
SHA256

d11b3e6057be296c3a0905bf3035b2eaa251094a3f43a773b64f73e7c6e59805
SHA512

75d44fb660e8fd0525e079b67054ce11239d4b1628b196a8646e8d3f87a9de9d4ec5a208e89edccf198a4722ca2b07fe972100391d681382f78e40164761a5b5
SSDEEP

98304:yfWfTh4i2GrqD8yPXvtgv1yzn5C9UP0FGuVuaiqHmgCg4pVt75:y6TuOrqDnPvq9yT8HVuUGg0bL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fbb20874ff38e5a8d37c1645dbd7f3d3_JaffaCakes118

Files

fbb20874ff38e5a8d37c1645dbd7f3d3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 155KB - Virtual size: 420KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

cflbbhzx
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

nbkpcelz
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE