3b779d121ed365d61c3ec0bf3945f428_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3b779d121ed365d61c3ec0bf3945f428_JaffaCakes118
Size

3.6MB
MD5

3b779d121ed365d61c3ec0bf3945f428
SHA1

9b2e3da274758c15b65aab85478dc6caf0697de5
SHA256

e93d8d78ffbd5f7a40f93eaab71338b8d1b0586225106fc031b0c7a274873468
SHA512

cf983318fcbfed2c23d397988b1aef5080983cd29fe538e7ab313fbb0fea755e004ae82461489b2d3cca5ca026a43653901fe79de83ff17cf9fd6e444a015b6c
SSDEEP

98304:fdQxi5Snd0QuN8Y2vrbhYyWISCWOhnfq+Bcs20:fdtMnd0FX2j9fQAnLGs20

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b779d121ed365d61c3ec0bf3945f428_JaffaCakes118

Files

3b779d121ed365d61c3ec0bf3945f428_JaffaCakes118
.exe windows:5 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

.text
Size: 648KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 936KB - Virtual size: 935KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE