891f2f646bca42dec82bb31cf077a434_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

891f2f646bca42dec82bb31cf077a434_JaffaCakes118
Size

1.9MB
MD5

891f2f646bca42dec82bb31cf077a434
SHA1

26c93f0b88595ff588c476c7969bcd42f8e95a15
SHA256

548d56989008e803e7019f771a45d2edc844f388130e8f7760edbacdd9872fe1
SHA512

936ee9dddbd61e59b96c31ee571b899fb562acecad9a170fa3ef625f4c5ad3c2d8a81a6c50f81ced299ad57ffb2896ef02f7cd36c02338ced9d73970d9bb5cd1
SSDEEP

49152:hfrB3aCYouKNotVM4ZtuIJM3CYy9iDt1WIp7g:hV3aposvuIwgAv9g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
891f2f646bca42dec82bb31cf077a434_JaffaCakes118

Files

891f2f646bca42dec82bb31cf077a434_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8077ffa51462ddb0623981d33e080df0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32 msvfw32

GetStockObject q(

Sections

.text
Size: 1.1MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 800KB - Virtual size: 800KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ