47c863ba486a84bf4180ef70b688c0b1_JaffaCakes118 | Triage

Sharing

General

Target

47c863ba486a84bf4180ef70b688c0b1_JaffaCakes118
Size

1.9MB
MD5

47c863ba486a84bf4180ef70b688c0b1
SHA1

b08a110c84f558ac5cdfcb0657ba32ac4b0da0a5
SHA256

c85a7ff7007b0a270172d53dbd9df4d324feb8f7e733fa4807e4fbff9e103c3e
SHA512

8d9f9eea8531fcb72fe27af3b33337b4aaf33ba486343938184524634c459918aa8e7e91085011c32d4b86f1f42de80eb928d49258eb9cf43edc735fee2c9e82
SSDEEP

49152:dsHn6ddTxK5vInS/X1piFvlsM2IW86DCqG1E+:mHidTxK5V/jiF9hJA6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
47c863ba486a84bf4180ef70b688c0b1_JaffaCakes118

Files

47c863ba486a84bf4180ef70b688c0b1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 1.0MB - Virtual size: 10.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 988KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

fsuqfhiw
Size: 800KB - Virtual size: 800KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ylujasuw
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE