0f4a75d201adca9f3c5080fc0b7fe1ff_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0f4a75d201adca9f3c5080fc0b7fe1ff_JaffaCakes118
Size

327KB
MD5

0f4a75d201adca9f3c5080fc0b7fe1ff
SHA1

8c87f2c8be7fc7757d7c75eda3bbcf6a2c381fc0
SHA256

1648f50fa809cd161617e83d8fc7da4d8973d6df72fa2c2f2989c54217c4aadf
SHA512

086129986935bd83467fd40bda52e805ae57296eb4a089315e94ed966fc2307db56ea8c654cf3beba46243d4907518935cb7376e886277b0b47c3246b72d5c0a
SSDEEP

6144:OmW45aayH7AOxdzuIti8YifI8Gwz4LAggDFQApxc5mv4gDJ:OmX55ybJxdx+ivLz4uDFQApxcMDJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f4a75d201adca9f3c5080fc0b7fe1ff_JaffaCakes118

Files

0f4a75d201adca9f3c5080fc0b7fe1ff_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1f020320c050319029d0c30f44c23ced

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetTickCount
LoadLibraryA
GetStartupInfoW
GetCurrentThreadId
VirtualAlloc
LoadLibraryW
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetModuleHandleW
GetCurrentProcessId
GetProcAddress

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 151KB - Virtual size: 526KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ