65737775754e62755393a6cc67e4eae9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

65737775754e62755393a6cc67e4eae9_JaffaCakes118
Size

835KB
MD5

65737775754e62755393a6cc67e4eae9
SHA1

a537d2c531a542aa26ccac22a603132b41dd2efe
SHA256

e401034c6cc8d8a8fffd71933b98c91c09d668a96329caf920c5d1559ed8d844
SHA512

0369d57db8c9dc24b300462a11bf2d5db8994efedbe489304249eef032fd104323ea98e4be7ef32d364715362f96893e61be0f788f8a59d2c12fea84d02fec90
SSDEEP

24576:W5TDFFVnt/h/oMGDO5AScwTCQsmio8GV44uX:gvRtpA5D9nC8RB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
65737775754e62755393a6cc67e4eae9_JaffaCakes118

Files

65737775754e62755393a6cc67e4eae9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5a7fe099da34cd07f5d172de83e30c0b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLogicalDriveStringsA

Sections

xquqhfkb
Size: 49KB - Virtual size: 488KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

besafxqj
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

paxbhgix
Size: 762KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xgoinhgp
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE