335e62e81c36f667ceea1ea0358e1396_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

335e62e81c36f667ceea1ea0358e1396_JaffaCakes118
Size

115KB
MD5

335e62e81c36f667ceea1ea0358e1396
SHA1

2b75b32d9d8b185c1c85cc6657aa732cbbc07783
SHA256

73f32d5ef4325e3958b5b12bc57bdd53281f8e7bda46184d102d40db1143940c
SHA512

158a8a3c13796e2e381ba741c61391422973dca3e0808c060ee7a0d778e9377f2b1d04bb9751bbc3e6f9ad7ac49c14aaad8c720edb7923fb54ef71e616425844
SSDEEP

1536:G+MxCKswM/QxhJpspTbagpVw5rrSRyWbeDW4atoKrdGpFNmM:rv4hJpsJmgpW5rrSRyfy4atoKrd6l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
335e62e81c36f667ceea1ea0358e1396_JaffaCakes118

Files

335e62e81c36f667ceea1ea0358e1396_JaffaCakes118
.exe windows:4 windows x86 arch:x86

11ac92b2238b428835106d9c859eb2e3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualBufferExceptionHandler
MulDiv
GetProcessAffinityMask
IsProcessorFeaturePresent
CancelWaitableTimer
GetLocalTime
AllocateUserPhysicalPages
GetAtomNameA
HeapUnlock
GetConsoleOutputCP
EraseTape

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 100KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE