00bb0f98ab329f9c704ce743434e4343_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

00bb0f98ab329f9c704ce743434e4343_JaffaCakes118
Size

81KB
MD5

00bb0f98ab329f9c704ce743434e4343
SHA1

fa53bf1955db4528047b89c2d74a58e5e005099b
SHA256

f6189841a7bdff4c39a4075fbcb1e0a1bb65575169bbb0caf0d54b4b98f59ed3
SHA512

7106340182591da3a3d1931b0c9ef3be2fc1882279fcb7cee49988e53aaf6592dddb4afd3358ac3ae5b74b533dc73b29261907d9df98eaaa06268aa264ee363b
SSDEEP

1536:6UwBiLrajyQAWFqv3x/pHpNRSVbmBe/3x+YKEt8HxUgRlfGkEtw/fshfL:6X4LGjyrEqv3xRH3R0b87a8RTnuS/WfL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00bb0f98ab329f9c704ce743434e4343_JaffaCakes118

Files

00bb0f98ab329f9c704ce743434e4343_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eb167c6b07ca21ec769d092dd410fe4b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDateFormatW
DeleteTimerQueueEx
FindResourceExW
SetCommConfig
WaitForMultipleObjects
PrivCopyFileExW
SetThreadExecutionState
AddLocalAlternateComputerNameA
SetSystemTime
SetConsoleMode
SetCommState

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 66KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE