d04927c2f4f970a001fa13ca1a5f4564_JaffaCakes118 | Triage

Sharing

General

Target

d04927c2f4f970a001fa13ca1a5f4564_JaffaCakes118
Size

721KB
MD5

d04927c2f4f970a001fa13ca1a5f4564
SHA1

7a9effac49bca5fbfe16a5ffd5214d2a9f3b69b1
SHA256

f4716656d1ab8bc52d553e82a0273e1196922efaa2f698203052310feadae96e
SHA512

1aee307a06a20408d68bbd637fde3c1b1aa2199754decee9e90e7307dbe0316a5a22d67be795bd8e9ba0f9b9af5532778c149f29cd25b68ffaeec622333221ff
SSDEEP

12288:1GBJt1zDzswBfLBuWtUvpeTkgGjvpEfXXkG/kxilQ7QCVqv/o/gIFffh56aFxrbH:QBJt1zDzswdLsWcpezGTpEfXXn8xilQp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d04927c2f4f970a001fa13ca1a5f4564_JaffaCakes118

Files

d04927c2f4f970a001fa13ca1a5f4564_JaffaCakes118
.exe windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 22KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 872KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

apqbjwho
Size: 686KB - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

grxkmmsz
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE