b79f8194aa230bee8169f626c795efe2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b79f8194aa230bee8169f626c795efe2_JaffaCakes118
Size

836KB
MD5

b79f8194aa230bee8169f626c795efe2
SHA1

d2b37c2678b98a93b4b72c089b531cd8fb3fe43c
SHA256

8d59adff791292fd65bc2ccde540507c433924900a4595d7249dccd2d9e03448
SHA512

26eff30fe50ba9ee5919e3b357c8cf92f3030fc47f0d1ebba8f8f9a72d562b38cca3ad6412500721546939456c5895895b19aee2d03a602d93038a7c78b8bf35
SSDEEP

12288:5Ttjrcs4fDqFdPhMzLnaCUXdL2Bt4V/aNTxv+oIMbwMWptB+iRpqrie8P4JEEStJ:5p0s4fQdJU5UtuEYTxGoIGM++mr5EES/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b79f8194aa230bee8169f626c795efe2_JaffaCakes118

Files

b79f8194aa230bee8169f626c795efe2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6a720af44a2468f7e1a73109ff36b555

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeEnvironmentStringsW

Sections

qznlpkpr
Size: 224KB - Virtual size: 504KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

imsmxbpx
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

hpjmxfqt
Size: 592KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ibggafld
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE