05db8f3ad0dcaa2f37610703c53b61ca_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

05db8f3ad0dcaa2f37610703c53b61ca_JaffaCakes118
Size

148KB
MD5

05db8f3ad0dcaa2f37610703c53b61ca
SHA1

a3a235dd1780d9e55c686c200852a5be6b0b81cc
SHA256

431b2532b0cd7d15aac43a5eb747284fb982f299ff4d9230fe51b6f67aa27f43
SHA512

68d78af0005ed35a4b0be1b54325d5cb18f072c667c83b3e6d21bc24fb9bd9b2a5c916080d6254bea4aa13ffe3727c527a4b796560b616e931cdd4845bb8d522
SSDEEP

1536:vzoIO+CI3RA9lOVN1ZUVPFTnSsAky+Df6xcDPYGrEIJA6WFiaKLVW:vzBOdYRCAmPckHBrVoIe6WkrLVW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05db8f3ad0dcaa2f37610703c53b61ca_JaffaCakes118

Files

05db8f3ad0dcaa2f37610703c53b61ca_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6ba120642a493da654ee8f53ed845424

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\Download\test123\3434\Release\3434.pdb

Imports

kernel32

GetCurrentThreadId
GetModuleHandleA
CloseHandle
ReadFile
CreateFileA
LocalAlloc
GetSystemTime
GetModuleFileNameA
GetProcAddress
LoadLibraryA

user32

GetKeyboardLayout

Sections

.text
Size: 4KB - Virtual size: 669B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ