35894f3b6a318cfa0dd769f901476ef6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

35894f3b6a318cfa0dd769f901476ef6_JaffaCakes118
Size

434KB
MD5

35894f3b6a318cfa0dd769f901476ef6
SHA1

50e903dae31afcaeb35bea0f81b678925a4c6f20
SHA256

1a917caea53b55796dfe29bcd619acb35ab83162280b2558011379aeaa0548a7
SHA512

a5bb371f5d39160d33f1bfea0eebeaca9371ad7994a77604b815452e97699dfbbc510863ea65c0d3c9bd9fd4595b62d2570cc2d30eded5cf41b355a81c8b076e
SSDEEP

6144:sTelr4hVvfaN9sfgCEg6zW9UwEu6hHqD2Qnjls3qB6yYTl0kHERh6Cd77qQYYWa/:AyMhVHaIRyw/aqSQnpY7yQGz77qQYYyI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
35894f3b6a318cfa0dd769f901476ef6_JaffaCakes118

Files

35894f3b6a318cfa0dd769f901476ef6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ffb191c1a65355bc2a5f53407962ae83

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ConvertThreadToFiber
GetProcAddress
ExitProcess
SetThreadPriority
GetModuleHandleW

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 439KB - Virtual size: 439KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ