06f905e6340ecae6ece290bc89ef5859_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

06f905e6340ecae6ece290bc89ef5859_JaffaCakes118
Size

1.9MB
MD5

06f905e6340ecae6ece290bc89ef5859
SHA1

550388d5e518c3c04ae2caedeb19ce5df130487c
SHA256

71ad2c396872074b5ef70d1cc1c13b7a33f1abda5d12685c77a018830a313cdf
SHA512

708724634c22cf1f0f0660111a3721c3cfc29af33265583a30219a605a8cb62c806af292757f3a0e0c4ab2db3d92f424883ba41a60f7abf9f3670be888a2b7ee
SSDEEP

49152:RPEyJk2bqdJV7p9yRQKRVHWEt9sXSpuc1ayWBzGo:BO2bqonKJXo3fq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06f905e6340ecae6ece290bc89ef5859_JaffaCakes118

Files

06f905e6340ecae6ece290bc89ef5859_JaffaCakes118
.exe windows:6 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wtmcvbfg
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mcdzwqrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata
mcdzwqrc
wtmcvbfg