b95c687a6a4952fa5311ac30f975c470_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b95c687a6a4952fa5311ac30f975c470_JaffaCakes118
Size

4.4MB
MD5

b95c687a6a4952fa5311ac30f975c470
SHA1

30f77bea5383bacaef1dcf5739e1c0c3e418415a
SHA256

1642942ec29333da5f6a972d1f902f8f0d617a0d78595de491e6f9a139ae39a9
SHA512

ba717aa3b17cf60a2c85db2c0eabcf15dca553deb78ffbad8e365d393bfaa59d3c89450494ed3cf2fe1f0e0315dadfc7be3410ce94c522b931d79c773fbba87a
SSDEEP

49152:llg9w2tMsEoyjHSYeA2D1vdturhyqtRwvAvSyw/y0KUdBcQ:llNvsNyjdeAj44QXyoy0BdBcQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b95c687a6a4952fa5311ac30f975c470_JaffaCakes118

Files

b95c687a6a4952fa5311ac30f975c470_JaffaCakes118
.exe windows:4 windows x64 arch:x64

dc12932426806b6b47a373d7ae42c21d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

lstrcpy

mscoree

_CorExeMain

Sections

Size: 656KB - Virtual size: 656KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

efycndwm
Size: 3.6MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

cluqkrbn
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE