0662482dea0f312e1ed7bfdab7cf86b1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0662482dea0f312e1ed7bfdab7cf86b1_JaffaCakes118
Size

60KB
MD5

0662482dea0f312e1ed7bfdab7cf86b1
SHA1

615126c683cd703a5ed3d706124dfe90e1f2dd9f
SHA256

c20b12d00769eaba2e4fbbbc9b8cd6fdb7ecc7483e79d382e51da334c26a3f2c
SHA512

9e633f6d4ab7964783e6405abee68df2f1c8b679961f1fce352192b7f568745f1bc44dd66af30592078937411aad13d446dfb10ea8ad49f32fb987870e23169d
SSDEEP

1536:Z0kFgaxMDYYVxgtxtZ3u1a+0FhLa782iT0DA+:G9UMDYYQZeo5FhT2Sub

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0662482dea0f312e1ed7bfdab7cf86b1_JaffaCakes118

Files

0662482dea0f312e1ed7bfdab7cf86b1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

baec12c330171060495be3d923fbffff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnlock
CreateEventW
GetPrivateProfileStringW
QueryDosDeviceW
GetFileAttributesExW
DeleteFileW
MulDiv
FindResourceExW
GetProcAddress
MoveFileW
TerminateThread
LoadLibraryA
WideCharToMultiByte
GetTickCount
InterlockedIncrement
SetThreadPriority
LoadResource
SetFilePointer
GetFileAttributesW
ReadProcessMemory
VirtualFree
GlobalDeleteAtom
SetWaitableTimer
CreateProcessW
FreeLibrary
GlobalAlloc
GetLogicalDrives
GetCurrentThreadId
GlobalFree
DuplicateHandle
lstrlenW

Sections

.text
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 862B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE