f505de3e57a38863c6bc99b1c5a774a2_JaffaCakes118 | Triage

Sharing

General

Target

f505de3e57a38863c6bc99b1c5a774a2_JaffaCakes118
Size

1.9MB
MD5

f505de3e57a38863c6bc99b1c5a774a2
SHA1

16438b8db2440a0fc2619b5d14c9a6f38f7fec7d
SHA256

c1da97550f849ae2bf8fd308c4c7703278dcb8628b71d610e8e94c7c773a1ee0
SHA512

4453424e3abfbbdc13ba6520a0221991a6059a30426fc142811ec1157f562dd1f7a0bf1c5a0cf2d65ed072d3b8e82355caa47de24e0e714b5fc81669b6f67baf
SSDEEP

49152:si6H6C21MRe55CsXmySdCDMKfN7HH/Mn4TcQZ54K5:sH21Se5YsXmySM4wND89QvZ5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f505de3e57a38863c6bc99b1c5a774a2_JaffaCakes118

Files

f505de3e57a38863c6bc99b1c5a774a2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 34KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 944KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

icrdwopv
Size: 723KB - Virtual size: 724KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

gmouzpeo
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE