f25113530990cfa9547a599db4cc8ba1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f25113530990cfa9547a599db4cc8ba1_JaffaCakes118
Size

488KB
MD5

f25113530990cfa9547a599db4cc8ba1
SHA1

86fbc64dd515ebf9f705978bbf2da5b44e759cc2
SHA256

46d132324e82989623d2121ef83fc7a1208ff7dcbd01d331e3220ca06ad94b78
SHA512

dd349629f44a819f323c7278e5dc2235d0c3e53263d67c8af172c636c6259d589c084cabc232c0fc80cee5582e13c43938f671c49e7b2e10790ca5e19ff9af7c
SSDEEP

6144:fr1pmxh31DAI+6jBq5qoW8sj+hL4RedtsiIBYV3ymECuftNuGDB/uw8zjSU:f5aDJA5N9sjY4QzYSAtL/LaS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f25113530990cfa9547a599db4cc8ba1_JaffaCakes118

Files

f25113530990cfa9547a599db4cc8ba1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8d11044969f31f8634a0b549d3b7246e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

RtlInitializeContext
RtlTraceDatabaseFind

user32

GetDoubleClickTime

kernel32

GetUserDefaultUILanguage

Sections

.text
Size: 480KB - Virtual size: 480KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 250B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE