3f976a4d2ef0cc13955a9eb3ce34a7a4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3f976a4d2ef0cc13955a9eb3ce34a7a4_JaffaCakes118
Size

2.7MB
MD5

3f976a4d2ef0cc13955a9eb3ce34a7a4
SHA1

37abedee382808e54c18a504b5c113da4f5d38ab
SHA256

e71295c105381b7a267fc3e30de1b9851e3a125a5544e3800ede654871d5b29e
SHA512

abae9b7851c24d70433230c8ad8bb4de642ef5fa46377b9f06f5dc72fe11acfb4d05421b8782e6f0d1d53899fe5e9d5bb1e28e91e093e735b1f7763812db3022
SSDEEP

49152:9W2kkk1HXMylVweZ7f2OB0/g5EXzRP4Jjt/tP9zHBUGv+V:vGlZ7frBmRP4HtJqG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f976a4d2ef0cc13955a9eb3ce34a7a4_JaffaCakes118

Files

3f976a4d2ef0cc13955a9eb3ce34a7a4_JaffaCakes118
.exe windows:5 windows x64 arch:x64

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

lstrcpy

Sections

Size: 252KB - Virtual size: 552KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 963KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wgqfqgfw
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pzruumsx
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE