161162216fbfd1dd7d98ef967d2b1328_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

161162216fbfd1dd7d98ef967d2b1328_JaffaCakes118
Size

113KB
MD5

161162216fbfd1dd7d98ef967d2b1328
SHA1

808de2ecfa0f84c24a5cbe4c759ef126c0d5d99e
SHA256

166d81e5fe29cd2ea1c08da84db44e3a3df4be4da6dd89f8fe3e431310103778
SHA512

55a449b1788fa645b92908d1b2d925a08b4e4f3fe21b341e1c01d892a3339c7065459429c4b4cc69237ff6646ebc1e602e7023a8e1abed3a36cf58c98a59ee02
SSDEEP

3072:IQ3aKePEuMIT1ezdcDZLhFPrlsVW9ZMayHlKNS:YKePEny1ezdcXUW9ZMa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
161162216fbfd1dd7d98ef967d2b1328_JaffaCakes118

Files

161162216fbfd1dd7d98ef967d2b1328_JaffaCakes118
.exe windows:4 windows x86 arch:x86

52a154234b3f75f6e26847018701e859

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
lstrcmpiW
lstrlenA
VirtualFree
GetDriveTypeA
Sleep
ExitProcess

winmm

timeSetEvent

comctl32

InitCommonControls

Sections

.text
Size: 512B - Virtual size: 250B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE