1badd200b0182c248a6a007fc0d19a1c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1badd200b0182c248a6a007fc0d19a1c_JaffaCakes118
Size

1002KB
MD5

1badd200b0182c248a6a007fc0d19a1c
SHA1

53ee92d966e36ce90fa2029473b01c658b6a7f1a
SHA256

13f6ff999d1702b48b5e9d7b3c0d6ae8628f555f806c91d9115094e981ae2413
SHA512

8b70476e30ebb16c3f7e695b8cc91752f04b8a88d1c6c60007394d736e2b10ec6ad6b6089867782c04fd72a770759dfe18267171e034bdf9e84f4b56b57a2269
SSDEEP

24576:Lp65+A32+Tgv0B1SkLHNwokhqzi0kY1wA9XhoUdJ3R:LpXA32+MKYkgwipYyAhldJ3R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1badd200b0182c248a6a007fc0d19a1c_JaffaCakes118

Files

1badd200b0182c248a6a007fc0d19a1c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6f646ba5ab367fc08c00f8d18005dc3c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GlobalLock
GlobalAddAtomA
GetCurrencyFormatA
LocalCompact
IsBadReadPtr
GetLargestConsoleWindowSize
GetCurrentThreadId
GetLastError
InitializeCriticalSectionAndSpinCount
SetVolumeMountPointA
GetNumberOfConsoleFonts
SwitchToThread
CreateHardLinkA
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

itext
Size: 4KB - Virtual size: 5.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

text
Size: 890KB - Virtual size: 896KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 105KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ