29d69ee1d33e1c9aad4962cd5ceabefa_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

29d69ee1d33e1c9aad4962cd5ceabefa_JaffaCakes118
Size

517KB
MD5

29d69ee1d33e1c9aad4962cd5ceabefa
SHA1

6f7da4c2702cdcdfa92a0ddd202e4fa1fe2a574e
SHA256

18882a43562a9024d29f3ea4dc3d83096ebdb4c9ab4db209aa18e5aba9257c1d
SHA512

0dc8be7e6ab415efe6df742fad552131befa95129bc8f092aee0348e06d851d0d3c1bdc2ac47d8c988e8c180253f2a36ed03dc44c7bb76905d6100b2f9555ffa
SSDEEP

12288:hpyZtuGA60hYEHKAAY+9z3+kDp9i010u1:hvzqEHKjz3+EQ010G

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29d69ee1d33e1c9aad4962cd5ceabefa_JaffaCakes118

Files

29d69ee1d33e1c9aad4962cd5ceabefa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3d7d951af7dbeed810a5fd64328e043c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
Sleep
HeapFree
EnterCriticalSection
GetStringTypeW
HeapAlloc
GetProcessHeap
ExitProcess
GetCommandLineA

Sections

.text
Size: 435KB - Virtual size: 435KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE