d9c31bbc359952ebfb3947f66cde7abb_JaffaCakes118 | Triage

Sharing

General

Target

d9c31bbc359952ebfb3947f66cde7abb_JaffaCakes118
Size

731KB
MD5

d9c31bbc359952ebfb3947f66cde7abb
SHA1

030177325c1d4f84b5c0f92eb92b6bc766fe5dbe
SHA256

e209f37a1703c946f98c22941f9b38dad96d185ec52a963e154383e521eee99f
SHA512

06779f205f5e9d67738dfafebe0de7e5f73bbe4fc63c12386e1c049b1070ff0d32a9dbac089814c60aeb76558aae5087940d97b7810a59f70a44bf7075331373
SSDEEP

12288:F9uoalDYM1D0XkTWcXu1fdfgfLSSSCSsz6+9XWdxwgNrLhC8JZbVSMX9P:vuoaBz9TtGlfSSTCSsG+tWrwKLhC8bUq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d9c31bbc359952ebfb3947f66cde7abb_JaffaCakes118

Files

d9c31bbc359952ebfb3947f66cde7abb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d76f4237a8ae158292f09835997a1d9f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessA

Sections

Size: 49KB - Virtual size: 488KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 872KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

nqnnztxx
Size: 673KB - Virtual size: 676KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

jueqsynf
Size: 4KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE