63b62a33b1d1a017fa0855d34a62d783_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

63b62a33b1d1a017fa0855d34a62d783_JaffaCakes118
Size

3.0MB
MD5

63b62a33b1d1a017fa0855d34a62d783
SHA1

a13168e0772c045ba6a2a45fd1a787a8380a02f3
SHA256

860f55ec3b31f9c825658408db993b496ca3d4ff0fd575c2b324bd721fdf2902
SHA512

668ea8de7569cfea82690689f296895efabda2d5452af96389a48431534d8cbd4949d8b7612ae7809861a4e57c19ec89c0a1d9a706cefbcb856e536bec1a5af6
SSDEEP

49152:cOEuTyMwnXvItx1hMvKxGWskV3ogvngDzhpwzG0tPE:dGMSA71evKxGWSN5p6tPE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
63b62a33b1d1a017fa0855d34a62d783_JaffaCakes118

Files

63b62a33b1d1a017fa0855d34a62d783_JaffaCakes118
.exe windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 403KB - Virtual size: 940KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 164KB - Virtual size: 626KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

nlcfmqnz
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

eyozxykx
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE