4cb6577e476a863938b5587660139279_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4cb6577e476a863938b5587660139279_JaffaCakes118
Size

5.5MB
MD5

4cb6577e476a863938b5587660139279
SHA1

99ab5eca527d6d0cdfc94dce7fe53a03b67e53e2
SHA256

33357cdad15c44afe08737377e54e63efc8b9c8030ede8cb6ccb8c864cf5ef69
SHA512

af08125eda19200202f044eb397cdd7889a9278b13e18c92bd3d272587502cf3691883fa09e31c4389e41457fa5c067d54e11b206bd0ef4d46f7173235c41c59
SSDEEP

98304:s4jLRYYgk2vqQqUP2+S3SFvqQqUP2+S3S:sD/d+A2+uU+A2+u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4cb6577e476a863938b5587660139279_JaffaCakes118

Files

4cb6577e476a863938b5587660139279_JaffaCakes118
.exe windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 16KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 1008KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

uwchunlr
Size: 800KB - Virtual size: 800KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

hpveshvb
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE