198926beac5f24d9b05a49a37751703a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

198926beac5f24d9b05a49a37751703a_JaffaCakes118
Size

63KB
MD5

198926beac5f24d9b05a49a37751703a
SHA1

e2de59120bdf6c2af9f7a12e1198b86c3978e3c8
SHA256

02c7668af08a711f82006584190f99e3674e456fb6c2a7e96142a0890bd4392e
SHA512

9c95c389b86b4581d7791a44013b90287d02a29f6f8b4d0defff4c561b48f9275d7ed4ffe9bf3cd334998b7fcfc14afcda6aeaac1b40b47c9199e3922f359913
SSDEEP

1536:yj2LA8ZzbGOMNexMX4TmOAvOOwIPPQI+7wiFR0vNHYIdUz:yjL8ZzbGOMwxMX4Tm2IP3+5yVHYIdG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
198926beac5f24d9b05a49a37751703a_JaffaCakes118

Files

198926beac5f24d9b05a49a37751703a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a8c3755d1deaf470b95d6ed0a178a69a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedPushEntrySList
VirtualAlloc
QueueUserWorkItem
DuplicateHandle
CreateSemaphoreA
OpenJobObjectA
EnumCalendarInfoExW
RtlCaptureContext
ScrollConsoleScreenBufferW
SetMailslotInfo
LoadLibraryExA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE