f581d6ff389a90a7d3f1946ebea34059_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f581d6ff389a90a7d3f1946ebea34059_JaffaCakes118
Size

139KB
MD5

f581d6ff389a90a7d3f1946ebea34059
SHA1

5057c4cc2b22c4b6e19cdea073c41f9bca8a4614
SHA256

c5e19f9c67f0caab782944bd9f0ec9574c96e042b4d85eed2a85def89fc2ea39
SHA512

8ea8107fbbed3d78e908bec9807075145d3093fc9bbf58ccf6913ea60e2c9ef85a92a73f4c8f32066f18bc9907edc09e6d60ef072d04388e6744eaae5eed6ab3
SSDEEP

3072:7/9/xiGnGrxEuz3zjvn/uApnvcUoKYM7dqoI+f8MpuSeluX:75xiTTjbWUUMhT98c5CuX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/AAoCG/flchk.exe

Files

f581d6ff389a90a7d3f1946ebea34059_JaffaCakes118
.rar
AAoCG/flchk.exe
.exe windows:4 windows x86 arch:x86

820ab24e53af2dbafc74d24f87e40262

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

comctl32

InitCommonControls

kernel32

LoadLibraryA
GetProcAddress

Sections

.AAoCG
Size: 104KB - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.AAoCG
Size: 9KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.AAoCG
Size: 4KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.AAoCG
Size: 1KB - Virtual size: 928KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.AAoCG
Size: 512B - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.AAoCG
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.AAoCG
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.AAoCG
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE