3251815b1a0b8d054be4167cd006a97e_JaffaCakes118 | Triage

Sharing

General

Target

3251815b1a0b8d054be4167cd006a97e_JaffaCakes118
Size

249KB
MD5

3251815b1a0b8d054be4167cd006a97e
SHA1

afda90656386bc9c5bbf1b849ef592af9cb0210f
SHA256

f47a691dd0fbdea65d17e6900a74433fceccd470f4458e3e4c703887fe13942b
SHA512

21fe052d08fb76f71b2bce02f38e6b5c7711133352ca19fe4a68a31c10d6fefd9d323e140376d226fde83d68dcb528a08dbde6c8d55874d2309e0485f636d460
SSDEEP

6144:5KVQv1+0z5+OX5sIK5FkdPXToVbUVDlYKfrNEDR3Po:sQLz5B5tKIJDAYVD/iPo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3251815b1a0b8d054be4167cd006a97e_JaffaCakes118

Files

3251815b1a0b8d054be4167cd006a97e_JaffaCakes118
.exe windows:6 windows x86 arch:x86

c1f46b23e393f5e3d16f10bfe2733dfb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetStdHandle
CloseHandle
GetStartupInfoW
VirtualAlloc
VirtualFree
GetTickCount
LocalFree

Sections

.text
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 584KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ