773a91429470ea11905d2894d0b03e4b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

773a91429470ea11905d2894d0b03e4b_JaffaCakes118
Size

2.0MB
MD5

773a91429470ea11905d2894d0b03e4b
SHA1

8d0daae4b69896a04a1aa0b5a8cbe81e364a3899
SHA256

418d8725d576e4c1442f40937a69646a7276d3a8563ee4c8e5e9336346cc2ee3
SHA512

be0c69ae6556cb0f9620dcd39b87c5387a169365196f36dfbdc731b7b939264ec7453dad7cc59c929211c7cf7c2062ed42cefabd7a848c739fbd4b1b5e3de247
SSDEEP

49152:y7a4iiAeS5giGNZbNtK43p7UmMvp0P2/xM:y7rfynENo43pW0KM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
773a91429470ea11905d2894d0b03e4b_JaffaCakes118

Files

773a91429470ea11905d2894d0b03e4b_JaffaCakes118
.exe windows:6 windows x64 arch:x64

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 106KB - Virtual size: 332KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 3.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

odaedcwi
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

nqaoxdnv
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ