23ded627e89e2378738cc4a904ebb0c7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

23ded627e89e2378738cc4a904ebb0c7_JaffaCakes118
Size

18KB
MD5

23ded627e89e2378738cc4a904ebb0c7
SHA1

a8480d02d35c788c62452468d1832a2f2432e3da
SHA256

01cf3b724e1fa39fed4715e1bd8002ffa2208d3636d40ed8347ebd407b90068a
SHA512

9f80239d43567cd66ce7d78d0239bdcd968e500d9398bb4be081b60cc87a5131aecd5d1652154b488454e11930541ba97ae559aa60c656c167399792540fcb43
SSDEEP

384:oun4IO9B66U78ZnqayJhKlATqGhNlwGwk1L+P6pKipY/OTOT01bZGzuS:ou4I4B4syJhYAeGTlxwk1iP6pKipYWTw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
23ded627e89e2378738cc4a904ebb0c7_JaffaCakes118

Files

23ded627e89e2378738cc4a904ebb0c7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

88f5c2579dd6d491990899d9c9d14fee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
CreateIoCompletionPort
TerminateJobObject
RtlZeroMemory
LockFileEx
FileTimeToDosDateTime
AreFileApisANSI
Heap32ListFirst
LocalShrink
Thread32Next
GetConsoleTitleW
InterlockedCompareExchange

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 36KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE