a44ab00752a1ff659341e7b3c15e5fa0_JaffaCakes118 | Triage

Sharing

General

Target

a44ab00752a1ff659341e7b3c15e5fa0_JaffaCakes118
Size

147KB
MD5

a44ab00752a1ff659341e7b3c15e5fa0
SHA1

8b0213c26aabab3d10ca29422fe34595d3c922d7
SHA256

f59e5b7c4dcddee2305fbdc248f4f263c5c46cd3956af2c9d86d73052707e59b
SHA512

22ac97932a308853c83c260a512a412c5c2bb33990480ed9f4a1de7ae99e617d558d774e5f9374486e5262c8fc4cadfb6315bda6ad9f959f2daba2ac2cd57bb1
SSDEEP

3072:kjA2U73tlSZjnixmCWc7+V4AS7IADqTf+1FxM7KYUw1z20giL81Yp0:kjA2U73oj7EC4AbLTf+1F4Kw1z20giT0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/uvnllfxk.exe

Files

a44ab00752a1ff659341e7b3c15e5fa0_JaffaCakes118
.rar
uvnllfxk.exe
.exe windows:5 windows x86 arch:x86

ed75d4ef06d4382ba25c75ccd4a09331

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
CreateFileA
LoadLibraryW
GetProcAddress

user32

LoadIconW
LoadIconA

Sections

.text2
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 280B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34.0MB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ