dff5976d3f8b92bb4d0b32bddd7d8d8a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dff5976d3f8b92bb4d0b32bddd7d8d8a_JaffaCakes118
Size

3.9MB
MD5

dff5976d3f8b92bb4d0b32bddd7d8d8a
SHA1

a1fdb4023fe9b04cfec9df1e7f4b45d02837790e
SHA256

4758ebb6ffe7666ef59b46908df1caf6f136bf531312a1c09b1de7ede566cf28
SHA512

3b9faba9fe4018844617266e13fabd4ff84f97dfbb4adcde4970f31c42072fc9f59f4ccfa2dc07cdcf0a5347f52bdca18aae8d9046646f9d09c96d83b0d39a79
SSDEEP

98304:q7/IJ+rKn4JjB0X2BL/9HShr7ccmkmw/buTDF8T:u/2+rKnAm2zcvmkmmbuTaT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dff5976d3f8b92bb4d0b32bddd7d8d8a_JaffaCakes118

Files

dff5976d3f8b92bb4d0b32bddd7d8d8a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 536KB - Virtual size: 996KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

cmjetdjv
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ubvcslrw
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE