437c646e01189edd29d0aeddca8e51d8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

437c646e01189edd29d0aeddca8e51d8_JaffaCakes118
Size

56KB
MD5

437c646e01189edd29d0aeddca8e51d8
SHA1

3b99e5cd7f3d5115a1e0bef7b6c8908d3b6bc8c2
SHA256

1a7e516337cfcb537c77aac192adb73be201857e76ac3c836211c2a0221e12cc
SHA512

b46fa2f6c54dc9c43b8626c01af0a61c23b59a48ee4c8ebdf19e2e60fd8250d169153354d41e3599f66c563524a7128c02ea1878f793638d46aedacfa20b8eb9
SSDEEP

768:/8WogPGtlivxrhn7FUdsWYqZ74IBQvgNbcdURd/LpmxXE8x8s+mm9qIbQ+k1NCgL:pWsqcMmaAYdDMzxt+KOgL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
437c646e01189edd29d0aeddca8e51d8_JaffaCakes118

Files

437c646e01189edd29d0aeddca8e51d8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b840c4a50371fd83041a256218d2771b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetBinaryTypeA
VirtualUnlock
Thread32First
RegisterWaitForSingleObjectEx
HeapFree
GetDllDirectoryW
GetProcessVersion
ExpungeConsoleCommandHistoryW
SetLocalPrimaryComputerNameA
GetBinaryTypeW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE