fd2f2dab2d2744fd6e08278a6163f0ab_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fd2f2dab2d2744fd6e08278a6163f0ab_JaffaCakes118
Size

83KB
MD5

fd2f2dab2d2744fd6e08278a6163f0ab
SHA1

e378cbda0450591b3133d7b76a89a65b55f8b4fe
SHA256

3df2510d8cf13cd2d15a662fc1083af34483d50c2c061c8dd1c20cb74488119f
SHA512

595d279d8ec6c8fe6ad692a206e272c128d8c348596569f16397af120f92405121e3581a20b4385ceff63856ab2ba05b963ca5c539a285e0f850eac5fe2f7f89
SSDEEP

1536:W9dJcojcMv9foWtCBHuAMvWMNrpAY90jEErxTWDTMqhGKYIZTET8bDQ:IdJj9FtCBfMwY90jBkMqhGKZTbbc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd2f2dab2d2744fd6e08278a6163f0ab_JaffaCakes118

Files

fd2f2dab2d2744fd6e08278a6163f0ab_JaffaCakes118
.exe windows:4 windows x86 arch:x86

169cc2040e3a34cfb9176794a4efac67

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessA
EnumResourceTypesA
SetHandleCount
GetCommModemStatus
SetVolumeLabelA
IsBadCodePtr
WaitForDebugEvent
GetFileAttributesExA
SetLocalPrimaryComputerNameW
ConvertThreadToFiber
FindFirstFileExW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zrdata
Size: 27KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE