Static task
static1
Behavioral task
behavioral1
Sample
0635059b35042c7b1aaf16beac6b11dc_JaffaCakes118.exe
Resource
win7-20240708-en
General
Target: 0635059b35042c7b1aaf16beac6b11dc_JaffaCakes118
Size: 1.3MB
MD5: 0635059b35042c7b1aaf16beac6b11dc
SHA1: ecd1319b6ccaed130211689c6bb92ae5f8e6a4bc
SHA256: 95fd0998b8c21fb8a3b9c87cf4acd91ada72073f43c4e5c92bc372a1e8ddd681
SHA512: 0512eda5f103ee9bd28d0a5171f9af28b9495335185064e2d7d8bd86ce93595a16a13f136be74d14f7d759ea4450399a0fba157d7ae012878f78114cd5b3ba20
SSDEEP: 24576:DrY9uiXCZEmH+AoNRx0Dz3QEZ3Ipm8BvQ+F+NWDpYtxrRLdPtNO:ViXC6mHRHQuO1InWDGtxrRJtk
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0635059b35042c7b1aaf16beac6b11dc_JaffaCakes118
Files
0635059b35042c7b1aaf16beac6b11dc_JaffaCakes118.exe windows:4 windows x86 arch:x86
35a9e9974c673669c35cafffdf20e1bf
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Imports
kernel32
GetCurrentThreadId
Sections
Size: 667KB - Virtual size: 2.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 34KB - Virtual size: 250KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 512B - Virtual size: 812KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
qgckxplh Size: 624KB - Virtual size: 628KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
pkftgacr Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE