fd6089a486e24064479e779018754b4a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fd6089a486e24064479e779018754b4a_JaffaCakes118
Size

115KB
MD5

fd6089a486e24064479e779018754b4a
SHA1

56f90f7f13c756ca011f26bf2cd99ccd0f45b7b6
SHA256

79f7e326171eda9d6696a630f294b90654bdbd8f2a7ef3f0408d360e7470b513
SHA512

db6f6b766b0b12b49e49facdad6b5291aa328b2e7a229846809f25381a745bdea90d1041dacfc3ea7138617be5e3a97207771cc2335e918eccaaaa43a6e7a05b
SSDEEP

3072:+XtYIR5DU295HjzVCHKvj8+siM+IZ3IzdNlbO:01XoiVz7BDMLZWdNd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd6089a486e24064479e779018754b4a_JaffaCakes118

Files

fd6089a486e24064479e779018754b4a_JaffaCakes118
.exe windows:6 windows x86 arch:x86

6909c06827ec39a64f78f13d9f8b1c38

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
CreateMutexA
LoadLibraryExA
GetProcessId
GetCurrentProcessId
ExitProcess

Sections

.text
Size: 67KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kdata
Size: 45KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ