1a6a05ceb47752d49969a496964d8936_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1a6a05ceb47752d49969a496964d8936_JaffaCakes118
Size

52KB
MD5

1a6a05ceb47752d49969a496964d8936
SHA1

7d0ac1a117f2d3f64790342486ad2ca9cc3f0bda
SHA256

38ae01e459b0d8ce2f2e79606ed0d4650e496cbd425ea27587a9e7c5f18e5c2a
SHA512

e2d536edf36a247dff859b540b3c10e78a60f843f47fcc6ecdee4800a97780d38c532c3501e75c709010dce3cbc3f537f06d2e7690d1528382de7bc0924179d7
SSDEEP

768:6sX2orw4ZANyUtXTeF3tNqMfwyBI18ir4roAlg6NkrjVmxCkkVVB:6sX2orptU1QVNBI1PrgZqT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a6a05ceb47752d49969a496964d8936_JaffaCakes118

Files

1a6a05ceb47752d49969a496964d8936_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cd30b1e61ec1daf2e5ce4cfbc43f9e0d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResumeThread
GlobalAlloc
WideCharToMultiByte
LoadResource
GetLogicalDrives
TerminateThread
GetFileAttributesW
GlobalLock
SuspendThread
GetCurrentThread
CreateThread
GetCurrentProcessId
GetCurrentThreadId
GetProcAddress
GetFileSize
CloseHandle
QueryDosDeviceW
MultiByteToWideChar
lstrlenW
FindResourceW
GetVersion
SetWaitableTimer
lstrcpyW
FreeResource
WaitForMultipleObjects
FileTimeToSystemTime
GlobalAddAtomW
LoadLibraryA
VirtualFree

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 806B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1012B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE