003ae7a6ecd1035e38025ce0215febf2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

003ae7a6ecd1035e38025ce0215febf2_JaffaCakes118
Size

6.7MB
MD5

003ae7a6ecd1035e38025ce0215febf2
SHA1

0d9f6c3412fbb07224d3fa833590fdd84efd8e38
SHA256

302965d745c63fa054f6b57df0e5fda963c2941d363272d4b9ed0a695aa29711
SHA512

daa67f8be1f7bb82c5f05a3a2ec951bbbcd0d7e40bc09e1e6aebf79caf2edc3948579159623597adfde17e8f1a24e5a7f5057c0d60527cea505970a50d562abc
SSDEEP

98304:fwxD1iJ5hRlW1RFlNNS4ziI5SBTyFdbV596gRMmA4XOmaLu6PmjHuqlcwLV9jxx:i1WRlWtlXzidmbV5rMmhXOmaLEOcc65

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
003ae7a6ecd1035e38025ce0215febf2_JaffaCakes118

Files

003ae7a6ecd1035e38025ce0215febf2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 64KB - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4.7MB - Virtual size: 4.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tygjynci
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

muuavbjv
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE