a942a3b9805d7470e09f95e32d267faf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a942a3b9805d7470e09f95e32d267faf_JaffaCakes118
Size

2.6MB
MD5

a942a3b9805d7470e09f95e32d267faf
SHA1

caf21a2b1dfccb03266d7339be5268401fa98a75
SHA256

43b57f40dbe6086ac38377a1d786d7a0e5939a70887a46b424c609b6cd29757a
SHA512

154fb413db9a2d8967f88e733d44042c0b18d310aea575aa8e902cbb95d4bbb70bbba7be8fafd882f24e64e37ea351aa943bbc7cbf27d22075cd5f260cdb5d3f
SSDEEP

49152:yBHO3JU8ZAPGEgd64A90AD6tpO/c8F8EaQTvZmO8gB:UKJUhgk4AKC6tpwlGJ+B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a942a3b9805d7470e09f95e32d267faf_JaffaCakes118

Files

a942a3b9805d7470e09f95e32d267faf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4f6491cc184dbf3e95c10b52cdfb05ff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

VirtualQuery

Sections

Size: 319KB - Virtual size: 724KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pwsyhvly
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

eilsajax
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE