edd221534bd073d99ec3f2af0aba516e_JaffaCakes118 | Triage

Sharing

General

Target

edd221534bd073d99ec3f2af0aba516e_JaffaCakes118
Size

83KB
MD5

edd221534bd073d99ec3f2af0aba516e
SHA1

bb73ddc341711060f4862443abf87489a6b0233e
SHA256

f6f832b007543f3f253e3684989a7579198bd2ebe672506d7a24e92daad34f5d
SHA512

cb0150830f7d26ab1b4543b6c1154857c90030cdf7a7ef6d8c847ae59ecc9ef466faf0560e94eb03cab4d3c1445db4fb830ef4bccaeb6d908b4b7921996246b3
SSDEEP

1536:OY4bQbVRfAPI9PbC5PnvssvgEkvPtfUHVGaGADLyV2vR3BKICLUqygnaYd0XZcho:0sE2QW6QN/Iq6TjjBkMqhGKZTbbc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
edd221534bd073d99ec3f2af0aba516e_JaffaCakes118

Files

edd221534bd073d99ec3f2af0aba516e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

84141cd06b4b4a25df0fb3bad9b77102

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThread
GetProcAddress
DeleteVolumeMountPointW
CompareFileTime
GetPrivateProfileStructA
DeleteVolumeMountPointW
SetLocaleInfoA
InterlockedPushEntrySList
GetQueuedCompletionStatus
GenerateConsoleCtrlEvent

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zrdata
Size: 27KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE