166245b8a55b068b6f0240a989bbd65c_JaffaCakes118 | Triage

Sharing

General

Target

166245b8a55b068b6f0240a989bbd65c_JaffaCakes118
Size

173KB
MD5

166245b8a55b068b6f0240a989bbd65c
SHA1

ea71b2a67c9ea8b0c867b147dbf840e15bb4e4fc
SHA256

f42154c1960a7d630ae4a7e3278f3645f3504b3025ba8f12dc80deab85a04b93
SHA512

2342f0653e8a2241f752133eddce2c7180e4079cfa30781cc0edfa22c0f3d4feca5d7f8a6450800f3c1c2e2d348af2507bfbcc820240b3b239bfb7eca4fc8aef
SSDEEP

3072:hAbMgwtbeMtrFmqnmg7O2NhMF6CRDi47J9GySgWLvm/td6e:hAbMFtbdtFjmg7O2NhRv4lSgWTm/t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
166245b8a55b068b6f0240a989bbd65c_JaffaCakes118

Files

166245b8a55b068b6f0240a989bbd65c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d51ca745f57a4b2b451511b81b22f2be

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstVolumeMountPointA
CreateFileMappingW
TlsFree
EnumSystemLocalesA
CreateSemaphoreA
GetLinguistLangSize
GetThreadPriorityBoost
CreateThread
LZRead
RemoveDirectoryW
ValidateLCType

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 59KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 22KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 14KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE