359d4f7768ab8ea497a120e0397de752_JaffaCakes118 | Triage

Sharing

General

Target

359d4f7768ab8ea497a120e0397de752_JaffaCakes118
Size

2.6MB
MD5

359d4f7768ab8ea497a120e0397de752
SHA1

ecb9c218d00592b253d71a1666a859dc2582da8e
SHA256

df1136da7a320bbb6e6df23fb7984e622047d44ee4e5f43983771018a3ea57a5
SHA512

7a4977ffc0b8714703bc97c39613ca8001f8684753e230710b93144423389036d2f414e03233a726bc6aa6a99a285a5f304f8106d78f5b2d39ffc54f74b77c1c
SSDEEP

49152:ZChvnA+4L15JcAJeq7EwYUbAA1BD2dlK2NCCOYFYN/fNITkRHMz:ZwvnMLzJBjYN+BD2dlK2NCClFYN/ligk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
359d4f7768ab8ea497a120e0397de752_JaffaCakes118

Files

359d4f7768ab8ea497a120e0397de752_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8b84bb012654768d9c6c828ef931271b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

SetFilePointer

Sections

cuhvnkod
Size: 318KB - Virtual size: 724KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

fkblngsf
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

cpxqbxqe
Size: 2.3MB - Virtual size: 4.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mpglqmgk
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE