de0ba07e5146496317640b24324eff4b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

de0ba07e5146496317640b24324eff4b_JaffaCakes118
Size

2.1MB
MD5

de0ba07e5146496317640b24324eff4b
SHA1

be5c33db11aefbf9859bfd903af0b1533fda115f
SHA256

9944657c7be81fc7af74d35f447fd988b1d7ebf6cf9dd957012b16cff0e79938
SHA512

0a79a1df32191ddb38c727ec34fcc0f9445bcf8acc714937f006859e89be46755c2057747de344329adad0a76e1969c870a2b7ac208adeb380ea49f8b22f1eab
SSDEEP

24576:bbW+c1FWA2IWT6IrgXIl16RlCrBqnCradm6I5hdYX/6//m5rUZ+tGiggITpscZCS:/BcyTtT6Irg4fzBOBE6493WrkhTpZC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
de0ba07e5146496317640b24324eff4b_JaffaCakes118

Files

de0ba07e5146496317640b24324eff4b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 89KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

lyxkjuaj
Size: 915KB - Virtual size: 920KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

kvhmbwik
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE