3deebc449901aa636ea37f9afdce09a8_JaffaCakes118 | Triage

Sharing

General

Target

3deebc449901aa636ea37f9afdce09a8_JaffaCakes118
Size

2.9MB
MD5

3deebc449901aa636ea37f9afdce09a8
SHA1

6cc9019fd8c3702bf6c935267714f56b84d39322
SHA256

9e72dff7cce25047acb94afa840cc58f39088c9b9c1b9b7b91de2ec894d71d81
SHA512

71212f771bd74661eb28f3d5704bbc3bba71ab507ecb8a176f8a1fef65bd1a3dc56a558f93be827e8a47b29a3247cc791f3c5c8929106978c8d55260cf8ca979
SSDEEP

49152:25GxM1/vGppvwIgM9eiiNZfcV5HjO8BSiNfwqLEbssPb9/dPmQPvzg9:cGx8/vQ139+NadjOiNfRKjTnPmQPvzk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3deebc449901aa636ea37f9afdce09a8_JaffaCakes118

Files

3deebc449901aa636ea37f9afdce09a8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d64316aca8f69e2636ef0af74aba9f34

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetACP

Sections

Size: 535KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 43KB - Virtual size: 346KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 3.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xyssiool
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

clpvbxuq
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE