8c7764d0073f7804a2d6b97efdf2f93c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8c7764d0073f7804a2d6b97efdf2f93c_JaffaCakes118
Size

722KB
MD5

8c7764d0073f7804a2d6b97efdf2f93c
SHA1

8efc782c0e3ceaeb527534d433951dfffb408bad
SHA256

b69734c6366a1ec107b258186ffdc7926a385ddfa0f621137e1f143af124f725
SHA512

d59ed1352ac7528accb0f8244ff06a4eb8b7706d2c9e2d28da1ce962c35f298939e255e1099e03752c66c0c13871a4375e8c83205aac5e3a70d876ecf1399e40
SSDEEP

12288:hG9Fs7cyXn4E8/jwFaVYuZNDs8XGmURpGLCTN+eHhEDs4ZNqvwEEAQG7imzDS0Aj:hG87tn38U8VnZ28XGmUfGCTN+eMjOvGr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8c7764d0073f7804a2d6b97efdf2f93c_JaffaCakes118

Files

8c7764d0073f7804a2d6b97efdf2f93c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 20KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 864KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ttzjnaow
Size: 688KB - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tqxmjtpl
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE