11767d7b88ac7672dc16d890d2ce7630_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

11767d7b88ac7672dc16d890d2ce7630_JaffaCakes118
Size

90KB
MD5

11767d7b88ac7672dc16d890d2ce7630
SHA1

465b7aec130a92529778d50728dec4ed201836a1
SHA256

e529a4facbab06126cca324c3299a8dfbda2080d7aa44aa0a9f4bbcb92ad9e6a
SHA512

47f60ad04da3e4f7a5020dffd6c7474d313e54f6f1a212ba7189cbd77d450425ab82763afbd23c681c181632decca0a83c6bb5075e3e0a46422003f0578d0d10
SSDEEP

1536:AHitYLDxBJfv6dViOIxnnX9FEfVBCERqFTCLHpMp5+vftjSxJxaLig173o8akI:AHiYfbJfv66zCCEI1CzpffFS7xaJMKI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11767d7b88ac7672dc16d890d2ce7630_JaffaCakes118

Files

11767d7b88ac7672dc16d890d2ce7630_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b32eb9cca392283574e755c75871b074

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateHatchBrush

useree

IsCharLowerA

kernelee

lstrcmpiA

Exports

Exports

RoamingTraiO
?JoinLower@@YG_JU_HALIGNLEFT@@U_REMOTECONTROL_SYS@@@O

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.mPre
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lobby
Size: 512B - Virtual size: 181B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ