2624f40b6dbc6bfb33cba0ea5864e65b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2624f40b6dbc6bfb33cba0ea5864e65b_JaffaCakes118
Size

61KB
MD5

2624f40b6dbc6bfb33cba0ea5864e65b
SHA1

ab184bf8e4f991449093f2ec84102b1359ac5e79
SHA256

8af2102036f773acd1d4a3ba4ce7d1bb319fbe3a5a38d1ee0b84d8e5ac76874b
SHA512

ca472f71fda3e1747e690ac51a606c89d8a72c784b0e097523125bf24532f8becdfbada3f4b169d716a8f8c6ce9f17d81cb7e7b157f48d94847658934d810f3c
SSDEEP

768:WKDTO454nQOWy2KvK3EOJREYwFlcPh7A+cLiM8ZRqgwxnZhcYHiMRNkj0C9FCce5:WYeerwjcpAHifRqgwZ/cYHiICIC9Fk4I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2624f40b6dbc6bfb33cba0ea5864e65b_JaffaCakes118

Files

2624f40b6dbc6bfb33cba0ea5864e65b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

829f583631d4ccaeaedabb499a0d4448

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadHugeWritePtr
LocalSize
FindResourceW
FreeLibraryAndExitThread
GetConsoleInputExeNameW
GetModuleHandleW
FormatMessageA
FindNextVolumeMountPointW
HeapUnlock
MapUserPhysicalPagesScatter
RemoveVectoredExceptionHandler

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 47KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE