69bc9bd5f7e00d800d0973cc370578f6_JaffaCakes118 | Triage

Sharing

General

Target

69bc9bd5f7e00d800d0973cc370578f6_JaffaCakes118
Size

95KB
MD5

69bc9bd5f7e00d800d0973cc370578f6
SHA1

4bbb367430efdb514fce13501483d2627dd15b2d
SHA256

f24a509ad78acc5eeed6be163c25840981ef9dea5aa31ba8ae64ff892c9a3ce0
SHA512

36ad8d90c29b9e328ace93a1196fa622108619faedfd9e71d79f72b3b7c9c77db531d729b959d944dadb2e6dd8d34191993c755548bc167624d9c7e13dfc4e18
SSDEEP

1536:FG56bL7x+qR+eE88x8/eZKakO9V1meNL6CsNI8VpfodU2EjNZwD4rB7MwU13kyG+:AQ3cz8G4eKakOBpL6CAI8VOEO4r813kF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
69bc9bd5f7e00d800d0973cc370578f6_JaffaCakes118

Files

69bc9bd5f7e00d800d0973cc370578f6_JaffaCakes118
.exe windows:5 windows x86 arch:x86

60ececb2875afb8badaf630de8ccdaab

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTimeAsFileTime
GetLastError

Sections

.text
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 916B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 111B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE