284c6875ff7f9e1196cbbd54ff1b34fb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

284c6875ff7f9e1196cbbd54ff1b34fb_JaffaCakes118
Size

98KB
MD5

284c6875ff7f9e1196cbbd54ff1b34fb
SHA1

170f73b5de52944b9113fe0897542fff86fa96f8
SHA256

7ca45550823eb1d59fb68d7e502538855e1fdde5dbb5ced703bf92313755414a
SHA512

fb26175927c9cdf20ea2ae2e6c0ed35b4cc83b53671faa6abaf9c676a5c20ee32637312b9fd87540bcaed1d74b8d3d6793144ec1a4975feff67ea54a60bca946
SSDEEP

1536:9E7QsPcnTycCgwyV1LnROIbqjZnHSV5CBdXBYzDTU3tZzFo9PiJTi/9JeeHROZ:9EYgw1nRqMrCBdBIDTov2iJGFfo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
284c6875ff7f9e1196cbbd54ff1b34fb_JaffaCakes118

Files

284c6875ff7f9e1196cbbd54ff1b34fb_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2f13a1c7afa57cf2f5faf999d25447da

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GetModuleHandleA
FindResourceA
LoadResource
LockResource
SizeofResource
GetModuleFileNameA
ExitProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsProcessorFeaturePresent

user32

SystemParametersInfoA

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 860B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 286B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ