31e11092138f388e271f9ab2d161e2f6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

31e11092138f388e271f9ab2d161e2f6_JaffaCakes118
Size

226KB
MD5

31e11092138f388e271f9ab2d161e2f6
SHA1

9b89278cd2f92d422afc0274b2ab67cb88626050
SHA256

2f9c2a33c102d2e717caa2f48e7a9dde128fbf3159d0ddb0d2662ceff63ed3cb
SHA512

09c230acdd39a9da0a4b3c996756a72d502587e66ae24f8e9f121ce9e3f1d32db66de56be6ae5465102deb63c75a0531a02aa1f06cffac6e0b8d1910d7826446
SSDEEP

6144:oUUrFt6OtBPtk9kmy1ZzwksCsYB37LRcCBoX:ib6Oh9Zsksli3XRfBU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
31e11092138f388e271f9ab2d161e2f6_JaffaCakes118

Files

31e11092138f388e271f9ab2d161e2f6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2f005b5f12d54db840512dfbe1f47290

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpA

Sections

Size: 49KB - Virtual size: 488KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

txsuyzis
Size: 787KB - Virtual size: 788KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

kdnqvbnw
Size: 10KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE