42047e01705763e989170494fc550110_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

42047e01705763e989170494fc550110_JaffaCakes118
Size

1.1MB
MD5

42047e01705763e989170494fc550110
SHA1

5d3db9bcbfcc246f37f98972787acbcca523856f
SHA256

9a8ac843bb2b359b0b63b04f7d34e785bec6570bb7f43c7c3c6fadec62a1b344
SHA512

4be87621ca300483a037a3fa18358d52b56d57f8b580e13efd76f094e28cfa650b2132963c3e950643227bf1ad565475c1fd7710f56b178f9e77783b111e128d
SSDEEP

24576:BF8hACTtdpvosByH3sEfETxmajWe9bvtjXE2DiEUGI:MZTtDvBB+3nETx/jWipjt1e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42047e01705763e989170494fc550110_JaffaCakes118

Files

42047e01705763e989170494fc550110_JaffaCakes118
.exe windows:5 windows x86 arch:x86

cd90a3063affbb424e19aabd9e3a357c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32 advapi32

GetWindow ��

Sections

Size: 352KB - Virtual size: 780KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 784KB - Virtual size: 784KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ