04ed38f2184642c7d8a73183eb590917_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

04ed38f2184642c7d8a73183eb590917_JaffaCakes118
Size

2.4MB
MD5

04ed38f2184642c7d8a73183eb590917
SHA1

181a53745606c08d22dada574963cff3d32e0eee
SHA256

a873f26107afe6437fb72c1a876eb5aa627a57a389b4911ac9bf6dd767d4325e
SHA512

95786b17346a4f2d7c341b3f433081f49f94043a759617dfcf5f71679fb30279d570fbca9c68537936ccd0ccff127ef637af51b8ff8526a6b040e51406c0f676
SSDEEP

49152:wx3bFmJSfj1EvwlIrqr7CUfTOK8kyeBjsSa5KWdAAJ:wlbIofjNKrzUKv+m5/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04ed38f2184642c7d8a73183eb590917_JaffaCakes118

Files

04ed38f2184642c7d8a73183eb590917_JaffaCakes118
.exe windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

U%t5e8v`
Size: 509KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ttC1Sg?/
Size: 840KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ym7f2h+0
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

";5f-_'Y
Size: 512B - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

]hF`m@v"
Size: 954KB - Virtual size: 956KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

R8ld"WYZ
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE