Static task
static1
Behavioral task
behavioral1
Sample
04135f4a4b671ebf8c330295cc5e2b32_JaffaCakes118.exe
Resource
win7-20240221-en
General
-
Target
04135f4a4b671ebf8c330295cc5e2b32_JaffaCakes118
-
Size
4.4MB
-
MD5
04135f4a4b671ebf8c330295cc5e2b32
-
SHA1
3cb6b595e6687c9ac137fbaf7417cbf447ec8397
-
SHA256
f80c82e3b1c311fdb11d8fe8409aeceac2bbaa03dc168cbdf6cd8d0cebb475a0
-
SHA512
271d252764b3faf34e331d3e228a5893b11683a9dd2551aedeeeaf6a2b99854eafbaf453e4aeb51e1272f1236c1d4a7185a4cfdbc45e2d06b240cea7d495bca7
-
SSDEEP
98304:cFyB6SeCpu2SBE/iPXApW+30N1IYonSCmyfyx:cFy9U21QXWW+3wIBnVI
Malware Config
Signatures
-
Unsigned PE 1 IoCs
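Flags PE files that carry no Authenticode signature. A missing signature means the publisher and file integrity cannot be verified this way; on its own it does not indicate malicious behaviour.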
resource 04135f4a4b671ebf8c330295cc5e2b32_JaffaCakes118
Files
-
04135f4a4b671ebf8c330295cc5e2b32_JaffaCakes118.exe windows:6 windows x64 arch:x64
2eabe9054cad5152567f0699947a2c5b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
lstrcpy
Sections
(no section name shown) Size: 1.3MB - Virtual size: 2.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 106KB - Virtual size: 354KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
(no section name shown) Size: 512B - Virtual size: 4.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
qcgfkmmf Size: 2.9MB - Virtual size: 2.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
soaxydlg Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 98KB - Virtual size: 100KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ