41de873fc32e644ca9d5b7fbfd0e9fd3_JaffaCakes118 | Triage

Sharing

General

Target

41de873fc32e644ca9d5b7fbfd0e9fd3_JaffaCakes118
Size

1.1MB
MD5

41de873fc32e644ca9d5b7fbfd0e9fd3
SHA1

73aa931e8c6f7437cb3e7234a5860aef201ce957
SHA256

156b938650396ca58781396ab4c9f98f01188d61a9aeeeb8d7cfc5119960e4cd
SHA512

7d544d2bc2d6cb69c836fe74766054b9a104c77cdfb20ad4ba14001ac01f65ab11755371d9f48f80066b9013f4afe996122cb9ec9d841e6ea69356facffa9d82
SSDEEP

24576:iGwsWy/7Cab83RI3i0Iw+76n9cmnYiMSCMKrUDy:iOnDKI3iXwSw9Bn4Sqiy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41de873fc32e644ca9d5b7fbfd0e9fd3_JaffaCakes118

Files

41de873fc32e644ca9d5b7fbfd0e9fd3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 274KB - Virtual size: 616KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 960KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

utapblzf
Size: 789KB - Virtual size: 792KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

cjrdmpir
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE