890474d7274c20b0d7d4265051d8741c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

890474d7274c20b0d7d4265051d8741c_JaffaCakes118
Size

838KB
MD5

890474d7274c20b0d7d4265051d8741c
SHA1

650b2bd5d1c46a6c1be6992a94f4e00285862e39
SHA256

ded9c2c723e09247f7173401af8f95eff3547ce3feff0575866d3fd21762d633
SHA512

37770bf4dcd46527e8cc51b14b2b1fd7963d1bbb5868b4706dcb4fb528adcfc0291d3dc3f5fbd7cd63ab6ff231d338cb1a85fe35efa617a419ee7ee5306eb35d
SSDEEP

12288:bCSwGuDa75G9qcEcD5AR/2LcJcCZ3TsnnK5QZeNp4P6XKA0U0:bpjuDa75G8cptAv3AK5LNmy6A0/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
890474d7274c20b0d7d4265051d8741c_JaffaCakes118

Files

890474d7274c20b0d7d4265051d8741c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

35a9e9974c673669c35cafffdf20e1bf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId

Sections

gerchhjz
Size: 251KB - Virtual size: 584KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

fvyvzoyh
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

iiukvdkm
Size: 558KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wtdopebs
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE