bf0ecad9d64422e60c8987a2eb62d8ac_JaffaCakes118 | Triage

Sharing

General

Target

bf0ecad9d64422e60c8987a2eb62d8ac_JaffaCakes118
Size

936KB
MD5

bf0ecad9d64422e60c8987a2eb62d8ac
SHA1

5c2c4af58c29cb4b71691d4d796b652bf6709afc
SHA256

cb13319217c269d40846ce0d7ea785cffce80bcdb6b7196c89a6315004102015
SHA512

903957c6b19eaa6437c03310dbe37e4fdfc73cb7ea5af115737c379c97e64747b3e982dd79a06d9200473a6be4be851cd8006968c9c61410222f214dc45889e7
SSDEEP

24576:JsUSMo6Jjmp4A8YkDZh06tirQXLDncZDPlG7382vxRVac:yp4hTiWgDNS5fVac

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf0ecad9d64422e60c8987a2eb62d8ac_JaffaCakes118

Files

bf0ecad9d64422e60c8987a2eb62d8ac_JaffaCakes118
.exe windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

iwgetexw
Size: 868KB - Virtual size: 872KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

elsstwyh
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE