31bd19fc543a8c73d5d3351a08822c46_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

31bd19fc543a8c73d5d3351a08822c46_JaffaCakes118
Size

63KB
MD5

31bd19fc543a8c73d5d3351a08822c46
SHA1

d4087284778fb612fc65fbb4a26017684260c156
SHA256

eee26ba22e229ad621470381a7ffd6d4b7a4dbeba92295efbc0dd79150f3309e
SHA512

875b9f7bca8a8d5f4d974d89ffae79bff7810c9cf32a0f47d3e50019f30f723cc6985c899b5db1dc2f03135c38f832da96675b4a88f9902b76f5fcc8e9c0e31e
SSDEEP

1536:nVbSW8mlVEIsncEEXrISL4dwU0kqZWbO6LHjEbP:nVbt8mlyIjEEXzLvbJh7b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
31bd19fc543a8c73d5d3351a08822c46_JaffaCakes118

Files

31bd19fc543a8c73d5d3351a08822c46_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a29a83a316149b98a7d74332ad52827f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnregisterWaitEx
PrivCopyFileExW
GetOverlappedResult
OpenEventA
GetEnvironmentStringsA
CreateHardLinkW
SetComputerNameW
GlobalReAlloc
UpdateResourceW
SetSystemPowerState
GetTimeFormatW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE