9dce6d571801f7ff4209beb5be521401_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9dce6d571801f7ff4209beb5be521401_JaffaCakes118
Size

2.3MB
MD5

9dce6d571801f7ff4209beb5be521401
SHA1

dbc9a1d3e865d3fad4e07dcb1cb99f6b10f18690
SHA256

5069286d8e7407177f6d55f0bd4a652c0fdc8de58ea12579b602620cf72770b1
SHA512

8159b9403682e643e71611aa18821fff216a91508d20180225f43132155bfe23a200439029e6b769db65a7be8dc1e115ded529ba69affcfe080ec3ae2bfeabdd
SSDEEP

49152:phXKBf2Y8D9tYZOPaayAv1VfLMUXvvTypntHV8bHvQOq2WaDn:PSmLFT9pteNX8jo127n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9dce6d571801f7ff4209beb5be521401_JaffaCakes118

Files

9dce6d571801f7ff4209beb5be521401_JaffaCakes118
.exe windows:6 windows x86 arch:x86

689349b51d15e874d0f8fef5b196ac86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileAttributesW

Sections

Size: 309KB - Virtual size: 668KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 266KB - Virtual size: 466KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

onetgrpi
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

lgtckpdd
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE