ae974a581b832d22a9eaa0faafd8d169_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ae974a581b832d22a9eaa0faafd8d169_JaffaCakes118
Size

2.4MB
MD5

ae974a581b832d22a9eaa0faafd8d169
SHA1

e975fc74c54a2feb5a57f5a1c1cf96b664b03806
SHA256

414a659eee83a40618e90d20a3a125eadc6aa80eee313ce6dc11373adc9effdd
SHA512

cb58a2191bc088fd74fe4e60476a0ebc478b53e2efc6704928a26939f8b04f71f9993a5164bdc2d6444df43a953d39cd4bbfd833f44811b03329f5b9a363ac18
SSDEEP

49152:D0qJEWFjbuQhUDsRK0As5bo6A0ohYv6W49Na4r/T3Pf:PEWFjbuQhUDsR9A286ABWvx49r/b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ae974a581b832d22a9eaa0faafd8d169_JaffaCakes118

Files

ae974a581b832d22a9eaa0faafd8d169_JaffaCakes118
.exe windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 37KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

teuiazrj
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

skgbetyp
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE