778e447b6479213c9cd8d1862dfc076c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

778e447b6479213c9cd8d1862dfc076c_JaffaCakes118
Size

3.4MB
MD5

778e447b6479213c9cd8d1862dfc076c
SHA1

d0b14c87e5e56775d0276e78a1af21545d82395a
SHA256

6d1e3f4db7581209ea6769db3819748a7a9b2b0ea0dbe0dbc4a830421d6b14b4
SHA512

0f47fc06dcb5f30d7d846c01a87c9d117516cdd911104c7cbb5b63ab53caa29aeaf9891dc185b8f3e6e0491ad2475e970ed45c6b1cf23069f76f0c1913fd94d8
SSDEEP

98304:+ju6robw7Nb3JUpbQnzyFY/VeIRPa54u+wTe:+ib6Nb3WbQzEzzFe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
778e447b6479213c9cd8d1862dfc076c_JaffaCakes118

Files

778e447b6479213c9cd8d1862dfc076c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

.text
Size: 653KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 745KB - Virtual size: 744KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE