01e77467bb10b4ca49d4461caaccc336_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

01e77467bb10b4ca49d4461caaccc336_JaffaCakes118
Size

1.1MB
MD5

01e77467bb10b4ca49d4461caaccc336
SHA1

91d64c794cea993fa44e03885fd107dc44bc8bec
SHA256

3b1ec3d20064cc29c2d85e85a8fff684ce61369eb9a44d73fefef56c77b34ec8
SHA512

95c1b403bc35d9e6c2503949bc42fff0c08e70b304920f1cb31d9585e7876e4bb90276e8957e6d6a900972bf7ec41b6cd54a23b6796b5c3aa0109850a649b7a0
SSDEEP

24576:SVFDVjECk5AnbJbcGdGXNhzOMQIW2zPgcQGYGSnQEZEFJvR+WYD5D:SVzBk0FdOhzvQIxPJlEZC+WYDR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/CFӰԶ.exe

Files

01e77467bb10b4ca49d4461caaccc336_JaffaCakes118
.zip
CFӰԶ.exe
.exe windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 344KB - Virtual size: 784KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 1008KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tdejucib
Size: 828KB - Virtual size: 828KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

evdnbdfq
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE