249cc3d9e52df7eda6df441f18ee4a83_JaffaCakes118 | Triage

Sharing

General

Target

249cc3d9e52df7eda6df441f18ee4a83_JaffaCakes118
Size

155KB
MD5

249cc3d9e52df7eda6df441f18ee4a83
SHA1

3c85fc41a7c8ac7d90da17bdb3948c7c97f14b9f
SHA256

5bcc087e6dadd2cb8b445a4c0efc755c250c8a52d4313bc5d11d5e1f6e75a3e4
SHA512

70382501f50f282bdad1a197e63cf2205de9751a78c4a86192362176ee770152b7d74505d5a2799a2caa9b55559d18ae8734ec3632396cf7b46f5fd821a64741
SSDEEP

3072:WrIFb/9sHIRRHsYYUh7DsU1Al0X5leLMy4eK56UbL+:WkFb/9sAfr1Alw5leAfeK5nL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
249cc3d9e52df7eda6df441f18ee4a83_JaffaCakes118

Files

249cc3d9e52df7eda6df441f18ee4a83_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ff6f03509e3363cec461d3f61abb1529

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiW
GetStartupInfoW
TlsGetValue
GlobalReAlloc
lstrcatA
GetAtomNameW
GetDateFormatW
CreateProcessW
GetProcAddress
EndUpdateResourceW
GetModuleHandleW

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ