Behavioral task: behavioral1
Sample: fc79ef37b31c9e4474a6fc0518f7ba41_JaffaCakes118.exe
Resource: win7-20240903-en
General
Target: fc79ef37b31c9e4474a6fc0518f7ba41_JaffaCakes118
Size: 9.9MB
MD5: fc79ef37b31c9e4474a6fc0518f7ba41
SHA1: 1c2afb8494ab9a869570c23efafadf88417eac8c
SHA256: 7cbc9dc1c84350304115da4fe2ec495c8165e2dafc734fd0f022acc5ba4ffef7
SHA512: cc3bad07d87eb97bcc2b16a97a27c8537128a6c8eef9a6846ab136d3028b3b42e9c6fbdaf520b3e841055bb16ca16e7bb67d9fe995a51aa2188a376fb3e61cb3
SSDEEP: 196608:NKa+uBH24J5qbwmJ8EHlfTCW6EWAFYU0+4BGIOuW+3thti6Adq:NKa+SWbwCteW6EWAFYu4BX7JTtS
Malware Config
Signatures
Detects Pyinstaller 1 IoCs
resource yara_rule sample pyinstaller -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fc79ef37b31c9e4474a6fc0518f7ba41_JaffaCakes118
Files
fc79ef37b31c9e4474a6fc0518f7ba41_JaffaCakes118.exe windows:5 windows x86 arch:x86
2eabe9054cad5152567f0699947a2c5b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcpy
Sections
Size: 93KB - Virtual size: 236KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 52KB - Virtual size: 59KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 512B - Virtual size: 1.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ntjfrzjp Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
naeuvbib Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
xpom.pyc