216e267abc281563f95fd45addaa1924_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

216e267abc281563f95fd45addaa1924_JaffaCakes118
Size

688KB
MD5

216e267abc281563f95fd45addaa1924
SHA1

ed41107eeea25d95b0eb0a662c609bdb6a18c610
SHA256

2b72746ede46c5750f6d30aaa9e55a9d30082b7e72fdce2d1d05ae9b27438c9d
SHA512

d9133f9ac61e633ffdf16c9a230b7687bfb56bf43924cd3df53c9b4c26dadc4eeeb4ec71effce97a8bf0a89fbe6f6b54a27b8d214089870d31005e1ae7292501
SSDEEP

12288:f25WReqxKRP4aQzGUHGZ3SyYyQTnRiILqemupv3dm45trUW1tLQ2VgIVxk6:fCnqEPKzGUHGZ3SyYbwILd7LmgtQmLQM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
216e267abc281563f95fd45addaa1924_JaffaCakes118

Files

216e267abc281563f95fd45addaa1924_JaffaCakes118
.exe windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 80KB - Virtual size: 300KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 744KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wwzvciwg
Size: 588KB - Virtual size: 588KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

drpnrutb
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE