f9f256b843aae4be2a6c09bc96cf5934_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f9f256b843aae4be2a6c09bc96cf5934_JaffaCakes118
Size

820KB
MD5

f9f256b843aae4be2a6c09bc96cf5934
SHA1

5c7f6d6165d666db87bc4d9677d58303468515b1
SHA256

06476c8ae7749174512e6a5660bf7a3551775cd78bf734ec3fe5075c69c94fdf
SHA512

034a777872e99db0eac276ef26756ca46b1e1609fe5a2a529c39560112038d09408652ea284b4a8b29ccb65fe01cfe0a2c4e4648dcc4900c17120590f3ce6bf2
SSDEEP

24576:X5TDFFVnt/h/oMGDO5AScwTCQsmio8GV44:pvRtpA5D9nC8R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f9f256b843aae4be2a6c09bc96cf5934_JaffaCakes118

Files

f9f256b843aae4be2a6c09bc96cf5934_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5a7fe099da34cd07f5d172de83e30c0b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLogicalDriveStringsA

Sections

xquqhfkb
Size: 49KB - Virtual size: 488KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

besafxqj
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

paxbhgix
Size: 762KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xgoinhgp
Size: 4KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE