31e5d599577d121e41c51db704e0bd83_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

31e5d599577d121e41c51db704e0bd83_JaffaCakes118
Size

5.1MB
MD5

31e5d599577d121e41c51db704e0bd83
SHA1

6ec1b34a398b65063548932c03fcfceb47dbd7ec
SHA256

de3dbb8c88cf6e5b2aa6b48945f53c48dc40f72eef4152f3a36792c9d28d209a
SHA512

07350178c7957affcb4965b95210e5f63019916942d3acb57687e7236b6260f60963aba6342e3e7d3fb3b5d0452bd8a31a6c8155bbf293010db9f14dccef6f33
SSDEEP

98304:SvBNd2XkrUlgC8vg9v6GpNxgicI3g0vWu89UlQ9puA9Y4U82rVeOJJOqk11p:MS4Ulr8vgDNdcmXvWughppOFcOJJzkLp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
31e5d599577d121e41c51db704e0bd83_JaffaCakes118

Files

31e5d599577d121e41c51db704e0bd83_JaffaCakes118
.exe windows:5 windows x64 arch:x64

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 172KB - Virtual size: 472KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 3.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ekprzfxp
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

helowjkb
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 20KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ