fd7a6113a6885bf3763d9a8f6813cc1c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fd7a6113a6885bf3763d9a8f6813cc1c_JaffaCakes118
Size

132KB
MD5

fd7a6113a6885bf3763d9a8f6813cc1c
SHA1

fc826101a55290e10b0d7b9312b10d48ba3c9a54
SHA256

79e53979d9149cf5726bb542c9e7a04ff953e732f98c03cb9dcd591caec41e12
SHA512

5090827ed708ff416b77839078b478a3c7f0af0cd14bf92605a28b7113d08a819834cf3a3e91be8abcc34798aa67afdb761dbb34b37ffff4c187728c86de3ebf
SSDEEP

3072:pXV12Gwzh684IUHxxKyklLW3JBwv4X7dzhNs:k684IU8qJL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd7a6113a6885bf3763d9a8f6813cc1c_JaffaCakes118

Files

fd7a6113a6885bf3763d9a8f6813cc1c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8c42fa8334c9a51744de35605556668c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
SetConsoleDisplayMode
GetUserDefaultLCID
FileTimeToLocalFileTime
DnsHostnameToComputerNameA
OpenProfileUserMapping
LoadResource
CopyFileA
IsValidLocale
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

data
Size: 8KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 4KB - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ