ad6761e331ab3b7c52607c3f824e5c70_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ad6761e331ab3b7c52607c3f824e5c70_JaffaCakes118
Size

2.0MB
MD5

ad6761e331ab3b7c52607c3f824e5c70
SHA1

d409778dca72f9b1210c43ec35eee76a04acb1e7
SHA256

4b4fcee3de9f0c3866a53e888ec874c3d49122f6b678a7c01203dba6db56ad14
SHA512

fa0504eb3e7a655bed0c86157545d0f9a1e587888aaa29c9d23415ffd388e1880c51273a0e3d1d25f7d102808167ad321a04b98132deea9ddd5385eb4bfc5c77
SSDEEP

49152:6nTQ395zJatslKdenSl8W5BPjcrce6UwR97:sZJd0Sl8WDscek77

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad6761e331ab3b7c52607c3f824e5c70_JaffaCakes118

Files

ad6761e331ab3b7c52607c3f824e5c70_JaffaCakes118
.exe windows:5 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 779KB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 126KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

dnhsrvyd
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mvrspppb
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE