f36adf25c1587c984dd8c0faf357f6de_JaffaCakes118 | Triage

Sharing

General

Target

f36adf25c1587c984dd8c0faf357f6de_JaffaCakes118
Size

2.7MB
MD5

f36adf25c1587c984dd8c0faf357f6de
SHA1

0e2129ffedbdaa13e5cf69aa1625bc1830e5d629
SHA256

33d1c346f1d298210b00eb8ad3f2a70989b87fb13594cf40c0dbe11716fcb0fd
SHA512

80ea212f0a71cc883413b8ede12a200a550ab06f38eb22074cbaca22a5c1fba26d49f3c2553a8766004c1aa9fd7b16e6a08051c00acaeda008a4fa9b7f6a61f8
SSDEEP

49152:srPDYjNxDYc2qJnep0QUumlhO1YTL8WURFPObeQ3s5Ax37lzOI4WSR:2+9JuBMhO1yLOybeQ8c5yJR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f36adf25c1587c984dd8c0faf357f6de_JaffaCakes118

Files

f36adf25c1587c984dd8c0faf357f6de_JaffaCakes118
.exe windows:4 windows x86 arch:x86

58e683abec29a387daf56221678b4318

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

ReadFile

Sections

xlxlcntm
Size: 318KB - Virtual size: 724KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

aqrgnvrm
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rifsnxqv
Size: 2.3MB - Virtual size: 4.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

fnbxkreu
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE