e0941ff3a7138533bf56df02e6682ded_JaffaCakes118 | Triage

Sharing

General

Target

e0941ff3a7138533bf56df02e6682ded_JaffaCakes118
Size

1.4MB
MD5

e0941ff3a7138533bf56df02e6682ded
SHA1

b522cbdc08bc3bab4272002efccb489604c17038
SHA256

cdbad1f3e8ddee433fa29dc00cd7daf0cb80a1db33e399a2ea13b21d9d498e7e
SHA512

71670954a8b7bcaa075b2fdcc6b475b233be0ddd693427436387813be3d00b09d147662e419d5e0b038aff9dfec2a37b6aec59b5df57c96419884025e8943814
SSDEEP

24576:xCI0Ii55oczER+98n9dIzzr/9TyPH7t8LyXNXgqG1YCoGBmPz4ifJx39tLke+Nzm:oIri55oz9y3Lq7tVwqusGUPz/Jx39tg6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e0941ff3a7138533bf56df02e6682ded_JaffaCakes118

Files

e0941ff3a7138533bf56df02e6682ded_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

qssztnpv
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

noldsdiz
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

oqzfiubl
Size: 616KB - Virtual size: 616KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rlwrbsya
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE