326fab646c60115e7eaf206dc45df9d1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

326fab646c60115e7eaf206dc45df9d1_JaffaCakes118
Size

804KB
MD5

326fab646c60115e7eaf206dc45df9d1
SHA1

0e246b920a0e609bf22323bef223882582e8ae59
SHA256

0360e1535f59f7c992321b037829f5496b68dee5d11bc749a990093c38bfa73c
SHA512

5f700c380cd16a3f2e7e42d56ccc340f9ec429d6dac605f1a1dec436b5300eca5d33cb74d73f9a2b57d9e199f05b00ca53c28fc9aeb48f727865d5d7e98a0353
SSDEEP

24576:McXBdKhuwXy9rc/pJs668TrI7tWafP0wixLmfd:1BTtrGs69IpH4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
326fab646c60115e7eaf206dc45df9d1_JaffaCakes118

Files

326fab646c60115e7eaf206dc45df9d1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9171a46f2e308de37b2c1df6c9ab4041

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
GlobalAlloc
HeapFree
HeapAlloc
CreateFileA
ExitProcess

shell32

SHEmptyRecycleBinA

secur32

CompleteAuthToken

powrprof

GetPwrCapabilities

Exports

Exports

antiemu30

Sections

.text
Size: 774KB - Virtual size: 773KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.oiu
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bdsh
Size: - Virtual size: 5.3MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 57B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ