4ab9d8ceea3f5680e184495b7db5cc67_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4ab9d8ceea3f5680e184495b7db5cc67_JaffaCakes118
Size

1.9MB
MD5

4ab9d8ceea3f5680e184495b7db5cc67
SHA1

02544339931cb4a6cca4b8f771e181876d08d23b
SHA256

60ecdfa9ddffed9e42d65200b975475407a86ede5ffbaf5436670d6236560edb
SHA512

21221afcce6133ce03ddff17b31e1d6c42f7e87fe17bd44acc72548a444f1372585ca0447a7cb89fe5be583db97bf50a609cb3bee17c68871b0e12f68bcd00cf
SSDEEP

49152:kHVgiGeFHz8bcbChNhCvNZ4OuzShC8o7S2Jv:yginFHz8bhQNBuzntv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4ab9d8ceea3f5680e184495b7db5cc67_JaffaCakes118

Files

4ab9d8ceea3f5680e184495b7db5cc67_JaffaCakes118
.exe windows:5 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 716KB - Virtual size: 716KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mimktfre
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

yvsofpvn
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE