174ab596671b7a72fc2585d215776cd8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

174ab596671b7a72fc2585d215776cd8_JaffaCakes118
Size

1.5MB
MD5

174ab596671b7a72fc2585d215776cd8
SHA1

d7743e8daaab668816d36b78528e3b82bc6cfb85
SHA256

61bca558769d3e9821117d0dba9c6f4eb5ce3bb29cf52099cc408ee15809a40e
SHA512

bfd694dcd707679a47733693492d047b46eb20c7b4601751ade8b46c30eed6975e0d1b621f107ce3905597c6fd823c4350c3b127755099110ef197a13be8afaf
SSDEEP

24576:v/7bJjR/Frnan8XS6LQvug41AZPKdpLw9pMWtaA8z4D1vEa3GWFqoE28n6r4:L17j08KgvLw9D8AE4D186GiJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
174ab596671b7a72fc2585d215776cd8_JaffaCakes118

Files

174ab596671b7a72fc2585d215776cd8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a68e54628256d1f772051db3928e6496

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

RtlUnwind

Sections

xhwhcctm
Size: 435KB - Virtual size: 960KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 354KB - Virtual size: 6.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

vrstowyz
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

euklstzr
Size: 771KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tdpfoxxs
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE