d0390e21783e2d60e3a5298bbf3528d2_JaffaCakes118 | Triage

Sharing

General

Target

d0390e21783e2d60e3a5298bbf3528d2_JaffaCakes118
Size

1.4MB
MD5

d0390e21783e2d60e3a5298bbf3528d2
SHA1

5c02c3c704e7323a68bc6c0938956b6612dc21ea
SHA256

20f90b1f80b4482238e08a24767df0c3dc879b6601c80435aca92134b98c9318
SHA512

b7debb5d19b0a87a353ec143cef976103be424a7135ed6dc83e09090dfc7ca5d9428efb3496bfc4820edbee44cf748088f2496b95ea4386d418b1e57bca0a5e4
SSDEEP

24576:Wc7hVZ/Xg67peL1SmsigA3F2GzEhWxee6QR21WoT8Jo97j07PssADXC6dhxpF36e:D79Xg6QSw33whWxFg1zCoFjyWh9IWZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d0390e21783e2d60e3a5298bbf3528d2_JaffaCakes118

Files

d0390e21783e2d60e3a5298bbf3528d2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

wpyvsstc
Size: 12KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 716KB - Virtual size: 761KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pjgxnche
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

qydptjqs
Size: 660KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

dxcnrtts
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE