ff79034c519c340037b8a3ec633a0923_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ff79034c519c340037b8a3ec633a0923_JaffaCakes118
Size

986KB
MD5

ff79034c519c340037b8a3ec633a0923
SHA1

5c4a297cf7c668ac818382edfaa6bd0282bb322f
SHA256

898df3a9b73f1be6a2bd592a10c2d4ac77c22b6bb89d588a6aced5bf6759e883
SHA512

7e13e005012a1e526af73a5afd8d84fc86cb30f72c970a1e1b04ab407801d1434df228edf364a72edd7c662fe7f023f33ecfe489da42dba419c024c691321a02
SSDEEP

24576:vXt0xrWZh9zf5uuLyfNZ55vpuCEKOze96mWuJpsSbtsQ3:vXt6rq7f4Im3fv7jd6yJps6sK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff79034c519c340037b8a3ec633a0923_JaffaCakes118

Files

ff79034c519c340037b8a3ec633a0923_JaffaCakes118
.exe windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 322KB - Virtual size: 724KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 804KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

vcixogqj
Size: 643KB - Virtual size: 644KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

jlbydasq
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE