f5c7a248358807ee77d6766355b7981d_JaffaCakes118 | Triage

Sharing

General

Target

f5c7a248358807ee77d6766355b7981d_JaffaCakes118
Size

948KB
MD5

f5c7a248358807ee77d6766355b7981d
SHA1

d79998f78afb0607bdaa84cf254c63897d0b7a08
SHA256

b18d259bd1629c923de440c169cdc7b8ff75df1745b719f242be2ef7f98815c4
SHA512

3a56bcc61dff65d1ab2629d181a9055d2c7bcd5f09c717cae6b0d6eb28bd9a4d4b35d9f61fc6582aed0e65e7c55dbf7ca8baf0398b9f75f7d78a078a8e44c978
SSDEEP

24576:AT3dYE9fAq6/kiYoIhYwn9rI/VbnhFFtex1j80hTC:wdYE9g5sHId/FtYfu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f5c7a248358807ee77d6766355b7981d_JaffaCakes118

Files

f5c7a248358807ee77d6766355b7981d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ac5547a4cef5a0a41523374a369ff4b1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

CreateFileA

Sections

rmfabyrr
Size: 106KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

gnrvloui
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

nrlyyrmm
Size: 812KB - Virtual size: 816KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ivyftlox
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE