19e84aa79c4ce90238c06533b909f9d4_JaffaCakes118 | Triage

Sharing

General

Target

19e84aa79c4ce90238c06533b909f9d4_JaffaCakes118
Size

2.5MB
MD5

19e84aa79c4ce90238c06533b909f9d4
SHA1

4c1cfd8877fbc4df83ac224b89e418e7b4792b05
SHA256

0bc8f4eb01bdfd0d11d0ebd8deaed30e60908550be9c9668364b21b49c626256
SHA512

8b82ca108ce9aa63155e64db7299659c76db6d23266039e3d84acca7c4185834c75a2158283a109610c54306e77acc775e27ab2d8f76dcb14d7fe8173475ef9d
SSDEEP

49152:TusnT65I512yIni8ELgAUkkCXXkHss50Ye4AGSZhOwrMrC:TT6ugMLBUkXX+ss50YTcPHr+C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

19e84aa79c4ce90238c06533b909f9d4_JaffaCakes118

Files

19e84aa79c4ce90238c06533b909f9d4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1acbf79fe480b5eef0ba1ed041d1d26b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetStartupInfoA

Sections

Size: 319KB - Virtual size: 728KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xalvmffn
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sjehmwsr
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE