ea375d1d9b51b6145baf7f2c4cf0d814_JaffaCakes118 | Triage

Sharing

General

Target

ea375d1d9b51b6145baf7f2c4cf0d814_JaffaCakes118
Size

862KB
MD5

ea375d1d9b51b6145baf7f2c4cf0d814
SHA1

530a7ad4c5a58b48ec66c2969aecfb7ba4f53ec3
SHA256

bd15afe049d3bf51b78dbb07db7b2f24c5d840b38400dd5566ee4b1426dc8396
SHA512

223576e816d4f8fbfebb27deeab3dd8823890c7e72a0301e7d9df32db1b31c0c629f6f423cf5739bcba5be55b06b9e0b412add390dab717fb6526c8993ff74f5
SSDEEP

24576:G71jxkhv8YgP8NJQvpRdBWQkLgjAvIX17TrT:GjkhvdVIRB8LHgVX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea375d1d9b51b6145baf7f2c4cf0d814_JaffaCakes118

Files

ea375d1d9b51b6145baf7f2c4cf0d814_JaffaCakes118
.exe windows:5 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 26KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 988KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ojrecaaw
Size: 818KB - Virtual size: 820KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

vfgaqsns
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE