631e06243e9ce2d9dfc0dd310e73031d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

631e06243e9ce2d9dfc0dd310e73031d_JaffaCakes118
Size

408KB
MD5

631e06243e9ce2d9dfc0dd310e73031d
SHA1

2d8d86a0982196217f014e4b324ebc8af480ad2c
SHA256

567a6733f6295277bc9df21856213072319d128c86653cbd351c4b91f8b7f434
SHA512

d439ade4e72d7699f634f58802e24f4daacd6867652c65ac70a90f12c6f4a41a5f7fce5b28cdae95028e7a3df6f24702b78653c2e84ef1c8020f6d3f6230b795
SSDEEP

12288:5zib2d9/4pHPPQIi0/aRQli8GM33twnMMMCMMM:5PuHPGkKOi8GM33KnMMMCMMM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
631e06243e9ce2d9dfc0dd310e73031d_JaffaCakes118

Files

631e06243e9ce2d9dfc0dd310e73031d_JaffaCakes118
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

@THackApp@CallBack$qqsususp7HCONV__p5HSZ__t4p10HDDEDATA__ulul
@__lockDebuggerData$qv
@__unlockDebuggerData$qv
__DebuggerHookData
__GetExceptDLLinfo

Sections

CODE
Size: 285KB - Virtual size: 288KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 67KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.INIT
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ