289b1b7e9d90c18cd5c6f5423dc0da9a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

289b1b7e9d90c18cd5c6f5423dc0da9a_JaffaCakes118
Size

6.9MB
MD5

289b1b7e9d90c18cd5c6f5423dc0da9a
SHA1

995be23803b49ed69d98aea38a4b8395e8ee0657
SHA256

eca367198df8da8cc713bc3f3f983777e3c62cf863fc1b548f3ed06ed31ec631
SHA512

4ec7288b5a48b529fcbd2c90812a3895345d9e1bca5b000aa83bccbcbd9b09aca22c252ade4027e9570759a3cc95303dcba702295db66ac6ca10a3df35eb3ce4
SSDEEP

98304:1250QlNvn1zt8wlahxaq4MW4MGojPoJ59B9a+p5nvCHhvosMLV8Z9WH0TuCeesta:19W1DfUJG8lnaGqlosMLGYUTuCH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
289b1b7e9d90c18cd5c6f5423dc0da9a_JaffaCakes118

Files

289b1b7e9d90c18cd5c6f5423dc0da9a_JaffaCakes118
.exe windows:6 windows x64 arch:x64

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

lstrcpy

Sections

Size: 1.1MB - Virtual size: 12.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 8.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

fdwwxzni
Size: 5.7MB - Virtual size: 5.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

fbegchbe
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ