Static task
static1
Behavioral task
behavioral1
Sample
bf5d03402a15a8872218539c6232e030_JaffaCakes118.exe
Resource
win7-20240704-en
General
-
Target
bf5d03402a15a8872218539c6232e030_JaffaCakes118
-
Size
2.9MB
-
MD5
bf5d03402a15a8872218539c6232e030
-
SHA1
3ff22dcd0485daf0cb42ef6f6a609d118bb0cc84
-
SHA256
7544711b1aa865d12de9e3b21a7c68a2c2c6a59f820adbbed93320a968aebee2
-
SHA512
1c9076818e769f42b7341c7ba6a73e3945c80788d5342f008925464cd294a520ef4a4543038d5ba0d9733e80c16f6e7293e2bb16162e22fc4c7316e0a69c0eff
-
SSDEEP
49152:q6DC7bhftgrRgVJ9aAdhNDQjTsOjwMLC8qmEGI3XEd6QCZrjpij7bagfh74td:w7ArRoJ9tLtQjoOjPzqklsXgZ74L
Malware Config
Signatures
-
Unsigned PE (1 IoC)
Checks for a missing Authenticode signature. The sample carries none, so its publisher and integrity cannot be verified from a signature.
resource bf5d03402a15a8872218539c6232e030_JaffaCakes118
Files
-
bf5d03402a15a8872218539c6232e030_JaffaCakes118.exe windows:4 windows x86 arch:x86
baa93d47220682c04d92f7797d9224ce
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcpy
comctl32
InitCommonControls
Sections
(no section name shown) Size: 8KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
(no section name shown) Size: 4KB - Virtual size: 940KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
psobobqb Size: 700KB - Virtual size: 700KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
utqjwjen Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE