bd2a3038ca8b73a7ce47077b121e9ef4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bd2a3038ca8b73a7ce47077b121e9ef4_JaffaCakes118
Size

1.0MB
MD5

bd2a3038ca8b73a7ce47077b121e9ef4
SHA1

d97f07852aeae13f3b37392aaaccb6929b60aad5
SHA256

ddf41244c06de01bfb28ca52dda47361caca659923bcaa3d0496612c8773ae5f
SHA512

3c9cbebae7d22b751c114e41282024b31fc59a35a149c0c8c3fb831188b3b87b3973a7bd3b91ffc789e75b1fff265d0456de8d8687ed1d4cf75e97f5aad9fec6
SSDEEP

24576:RX8NMp+qmMIga+GJ70tQ48ZO/Y20N40O8I4EThvznMrI:RXaJ/+GJwj8ZOI40OJ4UhvznYI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/U1016.exe

Files

bd2a3038ca8b73a7ce47077b121e9ef4_JaffaCakes118
.zip
U1016.exe
.exe windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Exports

Exports

_EXECryptor_GetHardwareID@0
_EXECryptor_IsAppProtected@0

Sections

Size: 328KB - Virtual size: 4.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 876KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

gasujury
Size: 720KB - Virtual size: 720KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

qkgycxzj
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE