e80d5e181e953513ba5f52d675d49fa6_JaffaCakes118 | Triage

Sharing

General

Target

e80d5e181e953513ba5f52d675d49fa6_JaffaCakes118
Size

2.7MB
MD5

e80d5e181e953513ba5f52d675d49fa6
SHA1

af8722f9152dca826032fc3d93a8a8ed8efce319
SHA256

f1428a8c12b19de78a2c4140dc5c30775335f2f559a514a69a6ad07e5c30799b
SHA512

bb8ed4540fc31e5195907e6012381cb9bc767eb68784fc9020e7d7dac46b198c00c69f0f524d51423842eca9967d508ca60299094c9683e05859c63a6699e4ef
SSDEEP

49152:IqOLubcB3WXAHQHwywGohlkfRfIAQyiv9EWsCcJky0fwsuKnr3Rzs/SinkxRsvpn:ItuoBmXHH1uhiJfWVFVDcSyMtTFYBn2G

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e80d5e181e953513ba5f52d675d49fa6_JaffaCakes118

Files

e80d5e181e953513ba5f52d675d49fa6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

96a5988e559d34ed85930fa142f118a8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetLocaleInfoA

Sections

Size: 314KB - Virtual size: 716KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

lhgbtkbu
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

udxihgqe
Size: 36KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE