435101551ca568eac59bf1097eb8d81e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

435101551ca568eac59bf1097eb8d81e_JaffaCakes118
Size

5.5MB
MD5

435101551ca568eac59bf1097eb8d81e
SHA1

dfb068df0e5e58ed99d6113f89fee0201a8148c6
SHA256

05df1d591c14d8e80a80022b5b81457dc0d1ba547fa6a57274f4135c3adcbeb7
SHA512

672dade2ff834e50a4be8fe0577f8ba3233c3461199b681d25be9dbd71e959cce04fcbc48191b1a8567882f865ac276ddaf7214cc13fa9e57238e53c1582804d
SSDEEP

98304:IG3mdFFFC4tQsFVQqmzdFQtTv2V4QX6laTQEz4Rh4:JbSvFVf2FQtTv2hXfTQc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
435101551ca568eac59bf1097eb8d81e_JaffaCakes118

Files

435101551ca568eac59bf1097eb8d81e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 391KB - Virtual size: 972KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.9MB - Virtual size: 18.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

zfquuvmh
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ltcmzcxe
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE