f13fc2366f5326b98e9cd10e621acec9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f13fc2366f5326b98e9cd10e621acec9_JaffaCakes118
Size

83KB
MD5

f13fc2366f5326b98e9cd10e621acec9
SHA1

b33941b5d8dc189b1cebcd23830bfe2658f1a252
SHA256

bb634bfcb832a3b78503c22e0b1d63012378e687ceb75b5f4c6169d0ecdfa177
SHA512

b9de9c64ce1447e56f437cbcb0434d9679474f4cc0e24143a354e7b9a1dcab26b2676b8416cfc62632b15db4036b2ba31549240907830a14520fa7d3ea057284
SSDEEP

1536:SxGV4MDXahfMSBeMbotEg2vlUozz7PPNB2Z6NTbuQaBevHbjEErxTWDTMqhGKYIy:HaBNetEg2vrzzjV4Z6tbuQakv7jBkMq4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f13fc2366f5326b98e9cd10e621acec9_JaffaCakes118

Files

f13fc2366f5326b98e9cd10e621acec9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1ef262fe18e6a33c455373b708e5ecfb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocalTime
ReadDirectoryChangesW
GetTapeStatus
GetDefaultCommConfigA
CreateProcessA
GetConsoleCharType
GetTempPathA
DosPathToSessionPathA
InterlockedCompareExchange
ConvertThreadToFiber
UnregisterWaitEx

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zrdata
Size: 27KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE