bf43fd2a373090ec0093d4656f152899_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bf43fd2a373090ec0093d4656f152899_JaffaCakes118
Size

672KB
MD5

bf43fd2a373090ec0093d4656f152899
SHA1

29c6a2359f7d465a67f652c077626eac678aa89a
SHA256

dda979a8d12b9ab3669adc07af593fd36edecb1a6c7a45046ea8549d94ddd828
SHA512

49c281e57f247b4a9eeb311585a744e2346af93d602a3d62b33200f5f4cd6236e19a8ee5fc23b56ccaa42ca54aaa8473f4dd3b685d65536e4755c7cb606486a9
SSDEEP

12288:IlBJ/Sd/7LbHnbLSVhko6yTFs/8JPzVLyD693sXzCHzrhfyhjBO:umDLb7GPx5tByDmizEVqs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf43fd2a373090ec0093d4656f152899_JaffaCakes118

Files

bf43fd2a373090ec0093d4656f152899_JaffaCakes118
.exe windows:4 windows x86 arch:x86

27c70d9664257c3f87ffcb37c3dd0784

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy
ExitProcess

avifil32

DllGetClassObject

Sections

.text
Size: 48KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 851KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 664KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 500KB - Virtual size: 500KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE