49bda9bb5e2f01c74a14e19036cb6bc5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

49bda9bb5e2f01c74a14e19036cb6bc5_JaffaCakes118
Size

2.2MB
MD5

49bda9bb5e2f01c74a14e19036cb6bc5
SHA1

b31c05e610f6b41f6b9ca03275f64129de916bb9
SHA256

8f893ff901a311fc9f9beb57fa12304c2c38967b8f70cb1e9b44bbd199c5280f
SHA512

9445ae1a04a8fa6c49850deb4cd326e0805bc1c65a5f525d26b45400570a90e2c9ae5c8d72a946b006d79b19feb3340ee6a656dadbf015300ba610389542f874
SSDEEP

49152:SninBkenoyh44ZQ7umUIfEYHVoegIablS/gntkyHm:OiBkenoM44+HBfEGzXbAaj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
49bda9bb5e2f01c74a14e19036cb6bc5_JaffaCakes118

Files

49bda9bb5e2f01c74a14e19036cb6bc5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

aae8dd4529e3aa5bca248967a9c29901

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessVersion

Sections

Size: 248KB - Virtual size: 584KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

qkdfpxwn
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

haoeaguv
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE