fa035076d1c1ee00928510fbce05e094_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fa035076d1c1ee00928510fbce05e094_JaffaCakes118
Size

1.2MB
MD5

fa035076d1c1ee00928510fbce05e094
SHA1

265153d87afc0c6e660350db66734c1e2fd1ee16
SHA256

1bb20dfd695071104d790b69e447c0a8b83a756ac9cb65e04949d2b05e3e1c81
SHA512

1faeeb0d19def198c7434d1fc25e1bc9c29ead8b6d6ec940279b32d73b7a25c92ace3035ce7b9210616b7fab72b688aac2355b93d93ff2ec700f635cd4d33a42
SSDEEP

24576:WSOFdqHt9v+Rideb3Vy1cZMIWwLfbMKaCuTaf/DrEZyfmtNVQjs4Ak+/fWeHb:KXCDv+Rideb3A7QAy5DrEZyOtw6/OQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa035076d1c1ee00928510fbce05e094_JaffaCakes118

Files

fa035076d1c1ee00928510fbce05e094_JaffaCakes118
.exe windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 988KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

jejcvbjq
Size: 804KB - Virtual size: 804KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

gfidrslk
Size: 380KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE