f3273f60f0644741f66d955f47975462_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f3273f60f0644741f66d955f47975462_JaffaCakes118
Size

83KB
MD5

f3273f60f0644741f66d955f47975462
SHA1

9f69980993cfe01b417294cf8190b0cc0e767e1c
SHA256

c9b99659c78f301b188bbdb4a5fe1e58512aa8b9ddbd4644cf5a829ec0e49283
SHA512

c9bf612accc4495d81c8328ce1722c1bfe0496d3d3da074344d000da15369e456532c8dea053def9def931b4db50a167fde59a41b5216855c5bea490f6de3e27
SSDEEP

1536:sohGmYKi6mQ/oAMGUvIJvEIdxFzL/4REKh73irjEErxTWDTMqhGKYIZTET8bDQ:5jYKi6Ha5QOexRLaEaGjBkMqhGKZTbbc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f3273f60f0644741f66d955f47975462_JaffaCakes118

Files

f3273f60f0644741f66d955f47975462_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c8417dc9e646e52e04d9ecafe97c22d1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProfileIntW
FindVolumeClose
GetFileSize
GlobalHandle
EnumSystemLocalesA
SetHandleCount
FreeVirtualBuffer
GetTempPathW
GetFileAttributesExA
GetThreadSelectorEntry
WritePrivateProfileStringW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zrdata
Size: 27KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE